The Office of Inadequate Security
From OneBlood: OneBlood, the not-for-profit blood center serving much of the southeastern United States is experiencing a ransomware event that is impacting its software system. OneBlood is working closely with cyber security specialists, and also federal, state and local agencies as part of their comprehensive response to the situation. “OneBlood takes the security of our…
On July 29, the Department of Justice filed its opening brief in its appeal of Conor Fitzpatrick’s (“Pompompurin’s”) sentence. The issue at the appellate level is “whether the district court abused its discretion in sentencing Fitzpatrick to a 17-day time-served sentence for possessing child pornography and creating and operating the largest English-language data breach forum…
Daniel Payne, Ben Leonard, and Chelsea Cirruzzo report: THE LIABILITY QUESTION — State lawmakers, concerned by what they consider to be overreaching class-action lawsuits against health care organizations over data breaches, are moving to curb liability for them, Ben reports. Tennessee is the latest in a string of states to move to reduce liability for organizations that adopt…
Northeast Rehabilitation Hospital Network (“NRHN”) is a comprehensive network of physical rehabilitation services that includes four inpatient hospitals and 25+ outpatient rehabilitation clinics. It also provides pain management and specialized pediatric outpatient rehabilitation. On July 19, NRHN notified the U.S. Department of Health & Human Services (HHS) of a “hacking/IT incident” that affected 501 patients. The “501” is…
Haven’t seen a postcard health data breach in a while, but here we are. WBRC in Birmingham Alabama reports The UAB School of Nursing has informed 1,655 patients this week of an incident in which a study recruitment postcard sent to the patients inadvertently shared protected health information (PHI). According to a press release from…
Another legal services vendor discloses a breach: Compex Legal Services Inc. (“Compex”) recently discovered an incident that may have impacted the privacy of information related to certain individuals. Compex provides record retrieval and litigation support services to insurance carriers, third party administrators and law firms. As Compex continues to investigate and work toward notifying impacted…