Pennsylvania-headquartered ReportaClaim.net describes itself as gateway for stand alone companies, professional employer organizations (PEOs), staffing companies, and their clients to submit worker injury reports. In order to do that, they necessarily collect a lot of personal and medically-related information such as the employee’s full name, the employer, the employee’s job position, the date of injury,…
Category: U.S.
WI: EVERSANA reports breach of protected health information that occurred in 2019
EVERSANA, a global commercial services provider to healthcare entities, has disclosed a data breach that occurred between between April 1 and July 3, 2019. The breach reportedly affected patient data stored in a legacy technology environment, which has since been updated. According to their notification, “Upon notification of unusual email activity, the firm immediately conducted…
Alert from OCR: Individual Posing as OCR Investigator
From OCR, this alert: It has come to OCR’s attention that an individual posing as an OCR Investigator has contacted HIPAA covered entities in an attempt to obtain protected health information (PHI). The individual identifies themselves on the telephone as an OCR investigator, but does not provide an OCR complaint transaction number or any other…
Marriott data breach exposes personal data of 5.2 million guests
Keumars Afifi-Sabet reports: Marriott has informed 5.2 million guests that their personal details were inappropriately accessed in a possible data breach. Contacts details, loyalty account information, company, gender, birthday, partnerships and affiliations and room preferences were among guests’ details accessed between mid-January and February 2020. Read more on ITPro.
First-Ever CCPA Cause of Action Filed in a Federal Court, but Is This Class Claim Short-Lived?
Cynthia J. Larose and Natalie Prescott of Mintz discuss a lawsuit previously noted on this site: Fuentes v. Sunshine Behavioral Health Group, LLC. The lawsuit followed a data leak of PHI due to a misconfiguration of a database. The leak was first reported by DataBreaches.net who had alerted the entity to their leak. I’m going…
Medical and military contractor Kimchuk hit by data-stealing DoppelPayme ransomware
Zack Whittaker reports: Kimchuk, a medical and military electronics maker, has been hit by data-stealing ransomware, TechCrunch has learned. The Danbury, Conn.-based manufacturer, which builds electronics for medical equipment, telecoms systems and energy grids, also makes nuclear modules for the Navy, work that often requires security clearance. Read more on TechCrunch.