The public list of breaches reported to HHS under the HITECH Act was updated to add two entries. Both entries are associated with the same business associate: MSO of Puerto Rico. I do not see anything on the web sites of the covered entities or the business associate about the incident nor did I see…
Category: Subcontractor
WA: UW medical records compromised
Mimi Jung reports: An alarming letter was sent to Charles Tomaras from the UW (University of Washington) Medical Center letting him know that someone had stolen his personal information, including his Social Security number, credit card number, birthdate and address….. The hospital says the information of up to 210 people could be compromised and thought…
Call center employee attempts to extort German health insurer
Die Krankheitskarte web site reports: German health insurance company (or rather: sickness fund) “BKK Gesundheit” was eager to outsource its telephone hotline to a virtual call center. In their home offices, the untrained workers then could retrieve data they weren’t allowed to see, including medical diagnoses. They all had access to „an unneccessary huge amount…
TX: Info on UTMB patients may have been compromised
Cindy George reports: Confidential information about 1,200 UTMB patients may have been stolen by a contractor last year. The University of Texas Medical Branch at Galveston mailed letters to the patients whose private information was accessed by an employee of MedAssets, a company hired to assist with billing from third-party payers. The Georgia-based firm employed…
NZ: ACC says sorry for botched mailout
Rachel Tiffen reports: ACC [Accident Compensation Corporation] has apologised “unreservedly” to thousands of businesses and individuals whose private information about workplace injuries was sent to the wrong companies. The corporation sends out 15,000 individual reports each month and yesterday 2000 were mailed to the wrong businesses. In a statement issued last night, general manager Dr…
Possible vendor’s breach may explain some BlackHat attendees being spammed
The following is cross-posted from PogoWasRight.org: Earlier this week, PogoWasRight.org was contacted by an individual who reported that after attending BlackHat 2009, he recently started receiving spam at a unique e-mail address he had created specifically for Breach Security. After receiving spam, he contacted them to change the e-mail address to another unique e-mail address,…