Phil Rogers, Katy Smyser and Alexis Positano report that a tenant renting a house from a psychiatrist has repeatedly reported that there are now thousands of patients’ files being stored, inadequately secured, in the basement – but no one seems to be doing anything about it – including HHS. According to the reporters: Through his…
Category: U.S.
Vermont Department of Labor details data security breach at third party Vendor
America’s Joblink Alliance – a provider of the nationwide web-based database Joblink, which is used by the State of Vermont – has notified the State that the job seeker functionality of its website was compromised by a malicious software. The Joblink system, which is also used by nine other states, is a standalone system and…
UNC Health Care notifies 1,300 prenatal patients of potential breach
Abbie Bennett reports: UNC Health Care is alerting its prenatal patients that their confidential medical information may have been shared with their home county, including Social Security numbers, sexually-transmitted disease information and more. Women seen for prenatal appointments at two UNC Health Care obstetric clinics between 2014 and 2017 may have filled out a form…
Saks Fifth Avenue Exposed Personal Info On Tens Of Thousands Of Customers
Leticia Miranda reports: The personal information of tens of thousands of customers of Saks Fifth Avenue has been publicly available in plain text online, BuzzFeed News has learned. The online shopping site for the brand is maintained by the digital division of its owner, the Canada-based Hudson’s Bay Company. Until recently, unencrypted, publicly accessible web…
DA launches criminal probe into St. Charles breach
The St. Charles Health System may think they’ve met all their obligations in their handling of an insider snooping incident, but Deschutes County District Attorney John Hummel says the matter should have been reported to them for criminal investigation. Now that’s interesting to think about. If a covered entity is convinced that an employee snooped…
No, you can’t defend your reputation if it means revealing PHI without the patient’s consent
Here we go again, it seems. No matter how irate you may be a patient’s bad review and no matter how unfair you think it may be, no, you cannot just reveal their protected health information without their consent – even if they revealed some of it themselves. Patrick Danner reports: A San Antonio doctor…