It’s been a while since I’ve seen any reports of cleaning contractors accidentally disposing of patient records intended for shredding, but a recent report by Austin Pulmonary Consultants may be a useful reminder that all new cleaning vendors or contractors need to ensure their staff knows what is for disposal and what is for shredding. In…
Category: Subcontractor
Indiana Health Coverage Program members notified of breach
HP Enterprise Services LLC (HPE), a Medicaid fiscal agent for the Indiana Health Coverage Program, recently notified HHS of the theft of 1,235 members’ information. The theft was discovered on September 16 and reported to HHS by HPE on November 7. According to a statement provided to media, a laptop bag stolen from an HPE employee’s car…
Open Database Exposes Millions of Job Seekers’ Personal Information
Joseph Cox reports: On Thursday, it emerged that an outsourcing company named Capegemini had left a database containing sensitive information on the open internet, exposing the names, contact details, resumes, and other personal information of potentially millions of people who used a global recruiting firm. The episode highlights the lingering problem of organizations accidentally leaving…
Customers for more than a hundred car dealerships across the US were put at risk because of shoddy database security
Zack Whittaker reports: If you bought a car in the last few years, there’s a good chance your personal information may have found its way to the open internet. Names, addresses, phone numbers and social security numbers for both customers and employees for over a hundred car dealerships have leaked online, all thanks to a…
UK: Missing GP records in Essex, Norfolk and Suffolk ‘total 9,000’
Nikki Fox reports: More than 9,000 patients’ records in Norfolk, Suffolk and Essex have gone missing since a private firm took on transferring files, a BBC survey shows. Capita took on the national contract from the NHS for delivering patients’ records, when people move from one GP to another, in March. The survey of 78 GP…
Business associate breach affected Greenville Health System patients
Back in July, Ambucor Health Solutions reported a breach to HHS that affected 1,679 patients. Their report, submitted as a Business Associate, was coded as “Unauthorized Access/Disclosure – Email,” with the location of the data being “Other Portable Electronic Device.” That incident was included in Protenus’s breach barometer for July, but no additional details were…