From the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has fined a private health company, HCA International Ltd, for failing to keep fertility patients’ personal information secure. The £200,000 monetary penalty has been issued as a result of an ICO investigation into the way the Lister Hospital was transferring, transcribing and storing records of IVF…
Category: Subcontractor
NHS accused of covering up huge data loss that put thousands at risk
Denis Campbell and Pamela Duncan report: Thousands of patients are feared to have been harmed after the NHS lost more than half a million pieces of confidential medical correspondence, including test results and treatment plans. In one of the biggest losses of sensitive clinical information in the NHS’s 69-year history, more than 500,000 pieces of patient data…
OCR investigating CoPilot Provider Support Services breach; former employee lodged complaint
When CoPilot Provider Support Services recently disclosed a security incident that they had known about since 2015, their statements might have led you to believe that a disgruntled former employee had hacked them or misused previously authorized access, and that law enforcement might be looking into criminal charges. If you thought that, you were wrong on both counts. CoPilot Provider Support Services (“CoPilot”) describes itself…
Criminal record raises more questions about fired DC case worker in patient file breach case
Tisha Lewis has an update on a previously reported incident: FOX 5 is uncovering more about a D.C. case worker who sent confidential patient files to a complete stranger she met on Facebook to lighten her workload. The files included social security numbers and medical records. It turns out this case worker also has a…
Third-party incidents continue to put patient ePHI at risk: Protenus
Protenus, Inc. has released its Breach Barometer for January. As they report, 2017 is starting out where 2016 left off: we are seeing an average of one breach per day involving health data. Protenus’s report, based on 31 incidents, reported that there were 388,307 breached records for the 26 incidents for which they had numbers. The single largest…
Vulnerability put 1.87 million Michigan employees at risk
Catherine Shaffer reports: As many as 1.87 million Michigan workers may have had their personal information exposed through a newly discovered security vulnerability in the computer system used by the Michigan Unemployment Insurance Agency. The information release affects workers whose paychecks are processed by a third-party payroll vendor. A software update installed in October 2016…