AP reports: Colorado health officials say they accidentally violated the medical privacy of about 15,000 people in a recent postcard mailing. The postcards were mailed as part of a survey sent to people receiving behavioral health services through Medicaid or the Department of Human Services’ Office of Behavioral Health. The breach was announced Friday. Read…
Category: Uncategorized
Georgia Department of Behavioral Health and Developmental Disabilities notifies almost 3,400 of breach
The following notice was posted by the Georgia Department of Behavioral Health and Developmental Disabilities on their web site yesterday. Spoiler alert: they do not say whether any policies requiring encryption or security of mobile devices were violated by the employee who left the laptop in an unattended vehicle. Nor are they offering any free credit…
TX: More veterans personal information may have been shared
If you read the VA’s monthly reports to Congress (as I do), you’ll know that these mis-mailings are all too common. Barry Davis of KENS5 reports: Rich Corey was glad to see a voucher from the VA arrive at his home, so he could go see a doctor outside of the veterans healthcare system. The…
Edmonton man outraged after information breach by Royal Alexandra Hospital
Shallima Maharaj reports: An Edmonton man was left stunned after being discharged from the Royal Alexandra Hospital and discovering the discharge papers he was given were not his own. “I got this gentleman’s paperwork with his Alberta health care number, his birthday, his name. Everything. Everything of this gentleman’s is here,” said Kevin Plican. Plican was also…
In stalled FTC case, LabMD seeks immunity for former Tiversa employee to testify
FTC Administrative Law Judge Michael Chappell has granted LabMD’s unopposed motion to seek immunity for a former Tiversa employee to testify in FTC v. LabMD. The case had been on hold since June when the House Oversight Committee indicated it was investigating the role of Tiversa and its relationship with the FTC. Had that committee…
Ignoring leak reports and inquiries is just asking for trouble
This is an example of how NOT to secure patient information and how NOT to respond when you’re contacted about a vulnerability. Kevin Wetzel of SLC Security Services LLC posted a vulnerability report on Cape Fear Valley Health System in Fayetteville, NC. The vulnerability, first noted by SLC on August 26, was described as the entity leaking…