Paper – Page 18 – DataBreaches.Net

How can we screw up incident response? Let me count the ways — Monday UK Edition

Posted on December 9, 2019 by Dissent

This week, DataBreaches.net was reminded yet again of the risks of trying to alert an entity to a breach. This time, it was not me who was threatened or any of the whitehat researchers I know. This week, it was a citizen who found patient records on the street in his town and undertook to…

OCR Secures $2.175 Million HIPAA Settlement after Sentara Hospitals Failed to Properly Notify HHS of a Breach of Unsecured Protected Health Information

Posted on November 27, 2019 by Dissent

OCR has announced another settlement. This one involves Sentara Hospitals, and it’s a somewhat surprising one in the sense that Sentara not only seems to have gotten the fundamentals of HIPAA and notification compliance wrong, but then they seem to have insisted in their wrongheaded ways even after HHS told them what their obligations were. …

Ca: No answers on Fort Simpson dump breach until 2020 due to privacy breach backlog

Posted on November 13, 2019 by Dissent

Hilary Bird reports: Almost a year after boxes of personal medical records were found at the Fort Simpson dump, the Northwest Territories Information and Privacy Commissioner hasn’t had time to investigate the breach. A spokesperson for Elaine Keenan-Bengts’ office says that because of a backlog, the commissioner won’t be able to look into the incident…

Undetermined number of patient medical records lost in Bahamas

Posted on November 8, 2019 by Dissent

Every so often, we see an incident that is due to forces of nature or some environmental event. Here’s one from the Great Bahamas: There was a significant number of patient medical records lost at the Rand Memorial Hospital, during the passage of Hurricane Dorian, Public Hospitals Authority (PHA) Managing Director Catherine Weech said yesterday….

Smith’s Food & Drugs: Worker fired after improperly disposing of prescription records

Posted on October 29, 2019 by Dissent

AP reports that Smith’s Food & Drug, a division of Kroger, has terminated an employee who improperly disposed of thousands of old prescription records from a Nevada Store. The firm said it discovered on August 29 that the employee had discarded nearly 58,000 prescriptions in July. The incident reported above does not appear to be…

SC: Prisma Health discloses third patient data breach in two months

Posted on October 29, 2019 by Dissent

Noah Feit reports: Patients and volunteers at several Midlands hospitals might have had their personal information exposed online, according to Prisma Health. The problem was discovered after a Prisma Health employee’s login credentials were compromised, said Tammie Epps, a spokeswoman for the largest hospital system in South Carolina. Read more on The State. I had…