Stephen Joyce reports: Target Corp. will pay $18.5 million to settle state enforcement actions over the retailer’s payment card hacking breach that affected as many as 60 million customers during the 2013 winter holiday shopping season, a coalition of 47 state attorneys general announced May 23. The settlement capped an investigation led by Illinois Attorney…
Category: U.S.
NY: Niskayuna school laptop stolen, 945 students’ personal information on device
The personal information of 945 students, both past, and present, was compromised as a result of a thief stealing the laptop of a Niskayuna school psychologist. The school psychologist had been on vacation in Virginia over the school’s spring break period and their car was broken into and the laptop was taken. The window of…
Calling time of death on HHS’s “breach tool”
I was excited back in 2010 when HHS started posting breaches on what some would call the “wall of shame.” I knew that we’d only learn about breaches involving HIPAA-covered entities, but at least we were finally starting to get some actual data. Now, more than 6 years later, it’s become clear to me that it’s probably best to just call time of death…
Careless handling of HIV information jeopardizes patient’s privacy, costs St. Luke’s-Roosevelt Hospital Center $387k
The U.S. Department of Health & Human Services(HHS), Office for Civil Rights (OCR), has announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement based on impermissible disclosure of protected health information (PHI). St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) has paid HHS $387,200 to settle potential violations of the HIPAA Privacy Rule…
Where is the future of HIPAA enforcement headed?
Ira Parghi of Ropes & Gray writes: Since January 2016, the OCR has entered into resolution agreements with, and imposed Corrective Action Plans (CAPs) on, providers and others in at least 12 matters involving the Security Rule. It has also imposed a Civil Monetary Penalty on one entity. Most of these cases involve stolen, unencrypted…
Hackers may have names of thousands of Florida gun owners
Andrew Ruiz reports: The Florida Department of Agriculture and Consumer Services is warning customers that hackers may have obtained the names of more than 16,000 people who have Florida concealed weapon permits. The data breach that appears to have originated from overseas affects people who entered information through the department’s online payment system. Read more…