Sage Smiley reports: The American Civil Liberties Union of Alaska said that it uncovered a “massive” violation of medical privacy laws by a software company used by the Alaska Department of Corrections. But the software company at the center of the complaint claims that’s “false and misleading,” and that there was no breach of data…
Category: Subcontractor
600,000 Prison Inmates to Share in $6.49M Breach Settlement
Marianne Kolbasuk McGee A misconfigured web server and the exposure of sensitive information for nearly 600,000 prison inmates in 2022 will cost medical claims processing company CorrectCare $6.49 million to settle a consolidated proposed class action lawsuit, according to court records. The incident affected inmates who received medical care between January 2012 and July 2022…
AT&T ordered to pay $13M settlement in latest setback for company
Paulina Okunytė reports: After allegedly paying nearly $400,000 for a ransom in May, AT&T is reaching for its wallet again. This time, it’s to settle a cloud breach investigation led by the FCC. In a press release on September 17th, 2024, the Federal Communications Commission (FCC) announced a $13 million settlement with AT&T to resolve…
UK: Data on nearly 1 million NHS patients leaked online following Qilin ransomware attack on London hospitals
Alexander Martin reports: People with symptoms of sensitive medical conditions, including cancer and sexually transmitted infections, are among almost a million individuals who had their personal information published online following a ransomware attack that disrupted NHS hospitals in London earlier this year, according to an analysis shared with Recorded Future News. The examination by CaseMatrix, a company…
Everything old is new again? MCNA Dental allegedly suffers second big data breach of PHI
The Everest Ransomware Team has a new post on their leak site: Company has the last 24 hours to contact us using the instructions left.In case of silence, all data will be published More than 1 million personal EMR’s + different internal company documents But was this a new incident or were they just trying…
Business Associate Agreements Matter: Demystifying the Perceived Simplicity of HIPAA Agreements
Shalyn Watkins of Holland & Knight writes: For most healthcare providers and businesses, signing a Business Associate Agreement (BAA) is a standard practice. When contracting to provide services with an entity governed by the Health Insurance Portability and Accountability Act (HIPAA), it is a requirement that the entity enter into a business associate contract, also…