It appears the FTC acted on a complaint I filed with them last year concerning Henry Schein Dental’s use of the word “encryption” in their marketing and their refusal to individually notify customers that the “encryption” provided by Dentrix G5 was not NIST-grade encryption that would give them Safe Harbor under HIPAA. Background on my concerns…
Category: Of Note
Bucking Clapper? Massachusetts court holds patients have standing to sue based on mere exposure of data alone
In August, 2014, I noted a report involving a transcription contractor of Boston Medical Center exposing patient information on the Internet. BMC notified approximately 15,000 patients and fired MDF Transcription Services because of the incident. Of note, BMC told patients in a notification letter that it had no reason to believe their information had been misused…
Did a Christian right-wing organization expose private details of millions of people?
First someone left our voter registration details exposed to the world, but those were “just public records,” some argued. Now a second misconfigured database has been uncovered by Chris Vickery. This one, however, not only includes some states’ voter lists, but it also includes 19 million profiles with private information on religion, household values, gun ownership…
California might investigate massive leak of voter records
As I first reported in co-breaking the story about the massive leak of voter records that had been discovered by Chris Vickery, I called the California Attorney General’s Office to alert them to the leak of California voters’ information. The attorney I spoke with on December 21 told me she was immediately forwarding the information I provided, including the IP…
New NC law will let parents put security freeze on child’s credit report
WECT in North Carolina is reporting on a new law in NC that might become a model for other states when it comes to protecting children from identity theft: Parents in North Carolina will soon be able to help protect their children from identity theft. A new bill that takes effect January 1, 2016 will…
Few Consequences For Health Privacy Law’s Repeat Offenders
Regulators have logged dozens, even hundreds, of complaints against some health providers for violating federal patient privacy law. Warnings are doled out privately, but sanctions are imposed only rarely. Companies say they take privacy seriously. by Charles Ornstein and Annie Waldman ProPublica, Dec. 29, 2015, 4 a.m. This story was co-published with NPR’s Shots blog. When CVS Health customers complained…