Several weeks ago, I initiated an inquiry about the breach reports that I expected to see on HHS’s web site. Under the new HITECH Act provisions, covered entities experiencing breaches involving the unsecured PHI of 500 or more patients are required to report the incident to HHS – if the incident meets the “harm threshold”…
Category: Uncategorized
HHS wants contractor to test privacy of 'anonymous' data
Alice Lipowicz reports: Can personal medical data that has been stripped of its identifiers to protect privacy later be used to identify a specific person? That is the question that the Health and Human Services Department is hoping a research contractor can answer. HHS intends to hire a contractor to demonstrate either the “ability or…
Michael Jackson's dad demands medical records
Not for the celebrity aspect, but for the privacy issue: Michael Jackson’s father, Joseph Jackson aka Joe, has subpoenaed UCLA Medical center for Michael’s medical and other records because he believes the records reveal foul play in his son’s death. Brian Oxman, Joe’s lawyer, sent 2 subpoenas to UCLA Medical Center, where Michael Jackson was…
Suits filed over Aurora's use of medical data in bankruptcy cases
Bruce Vielmetti reports: Susan Dandridge knew that when she sought protection in bankruptcy court last year, information about her debts and income would go into a public court file. “It’s old bills and stuff from my earlier life I’m trying to clean up,” said the 53-year-old admissions adviser at Herzing University, a for-profit college with…
Twitter bans 370 ‘obvious’ passwords
The micro-blogging service rejects certain passwords when new users sign up if it thinks they are too easy to guess. However, bloggers recently discovered that the list of banned passwords is embedded in the source code of the page itself. Banned terms include commonly chosen generic passwords, such as “123456”, “password” and “password1”, as well…
UK: Leicestershire police 'strongly support' DNA legislation
Leicestershire police has said it “strongly supports” clearer legislation on retaining innocent people’s DNA. Yet in the past year, the force refused 22 of 24 requests to remove records from its database. This is despite a ruling from the European Court of Human Rights which has said holding the DNA of innocent people indefinitely was…