Daniel Barth-Jones writes: In a FierceBigData article which ran last Wednesday, Pam Baker posed some compelling questions regarding a recent “Big Data and Innovation, Setting the Record Straight:De-identification Does Work” whitepaper (.pdf) released by Ann Cavoukian, the Ontario information and privacy commissioner, and Daniel Castro, Information Technology and Innovation Foundation Senior Analyst. Of these, the most salient question was also the…
Category: Uncategorized
Update: CT health exchange: Backpack breach incident likely human error, not criminal intent
Susan Haigh of Associated Press reports that although the investigation is still on-going, it appears that the Maximus call center worker who lost a backpack full of Access Health CT‘s clients’ personal information had no intent to misuse the information.
Laptop stolen from Colorado Neurodiagnostics contained PHI
Kirk Mitchell reports: A laptop computer with patient medical information has been stolen from a little medical business called Colorado Neurodiagnostics, police say. The laptop contains data including patient names, dates of birth and clinical information, according to Kari Hershey, Littleton police spokeswoman. No Social Security numbers, financial information, addresses, or phone numbers were on…
Radiologist bypasses billing system computer security and acquires 97,000 patients’ info from NRAD Medical Associates
Usually when I see an envelope from NRAD Medical Associates, P.C. in my mail, it concerns a radiology bill or insurance matter following services there. But today, I opened the envelope to find a breach notification. Their notification, signed by their president, vice-president, and secretary-treasuresr, begins with the now somewhat pro forma statement about how they are seriously committed to the privacy…
Inside a VA breach investigation
A breach involving the Denver VA center was reported in the VA’s most recent monthly report to Congress. I’m including it here because it shows how thorough the VA can be in investigating breaches – and how time-consuming and labor-intensive it can be when someone neglects security measures like a cable: Incident Summary Two biomedical device laptops were…
Connecticut Governor Signs Pharmacy Reward Program Authorization Bill into Law
Hunton & Williams LLP writes: On June 12, 2014, Connecticut Governor Dannel Malloy signed a bill into law that may require retailers to modify their existing Health Insurance Portability and Accountability Act (“HIPAA”) authorizations for pharmacy reward programs. The law, which will become effective on July 1, 2014, obligates retailers to provide consumers with a “plain language summary of…