The Richmond Times-Dispatch reports: Virginia Commonwealth University Health System is notifying about 2,700 people that their or their minor child’s electronic medical records were inappropriately accessed over a three-year period. The university said it has no indication that the private health information has been used for any unintended purposes. The breach was found Jan. 10…
Category: Subcontractor
Brand New Day notifies 14,005 members after breach at vendor
From their press release of March 10: Universal Care, Inc. dba Brand New Day (BND) announced today that it has notified individuals related to a privacy incident involving information stored by a third-party vendor. The incident did not involve information that was stored or maintained on BND’s own systems. On December 28, 2016, BND learned…
Home Depot to Pay Banks $25 Million in Data Breach Settlement
Jeff John Roberts reports: Home Depot has taken another step to move on from its colossal 2014 data breach, which involved hackers stealing email or credit card information from more than 50 million customers by infiltrating self check-out terminals. In a new settlement with dozens of banks, the retailer has agreed to pay $25 million for damages they incurred…
UK: Private health firm fined £200,000 after IVF patients’ confidential conversations revealed online
From the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has fined a private health company, HCA International Ltd, for failing to keep fertility patients’ personal information secure. The £200,000 monetary penalty has been issued as a result of an ICO investigation into the way the Lister Hospital was transferring, transcribing and storing records of IVF…
NHS accused of covering up huge data loss that put thousands at risk
Denis Campbell and Pamela Duncan report: Thousands of patients are feared to have been harmed after the NHS lost more than half a million pieces of confidential medical correspondence, including test results and treatment plans. In one of the biggest losses of sensitive clinical information in the NHS’s 69-year history, more than 500,000 pieces of patient data…
OCR investigating CoPilot Provider Support Services breach; former employee lodged complaint
When CoPilot Provider Support Services recently disclosed a security incident that they had known about since 2015, their statements might have led you to believe that a disgruntled former employee had hacked them or misused previously authorized access, and that law enforcement might be looking into criminal charges. If you thought that, you were wrong on both counts. CoPilot Provider Support Services (“CoPilot”) describes itself…