Matt Fisher writes: Healthcare organizations are learning tough lessons that actions of employees can come back with serious consequences to the organization. When it comes to maintaining the privacy and security of patient data, no action comes without a consequence. While some actions are completely uncontrollable, that does not necessarily mean that liability cannot potentially…
Search Results for: HCA
Virginia Hospital Must Answer for Snooping Employees’ Privacy Breach
From Bloomberg Law: A Virginia health-care system will have to answer claims that it is liable for its employees’ snooping into a patient’s confidential health information. A Virginia trial court shouldn’t have dismissed Lindsey Parker’s complaint alleging Carilion Healthcare Corp. and Carilion Clinic should be held liable for their employees’ wrongdoing, the Virginia Supreme Court…
Third of US data breaches happen in hospitals
Anthony Spadafora reports: After a recent series of aggressive phishing attacks on NHSmail, cyber security provider Cofense has compiled a new report using shared US client data to reveal how much of a danger future phishing attacks could become in the UK. The report, entitled Say Ah: A Closer Look at Phishing in the Healthcare…
EE: Personal and sensitive information of children publicly available for years
As I was just saying in the post about the Girl Scouts breach, children’s medical information can be breached in so many ways outside of the healthcare sector. And that’s true outside the U.S. as well. Priit Pärnapuu provides a concerning, but timely, example from Estonia: Schools’ information system EKIS allowed anyone to read and…
CA: Data breach may have exposed personal information of 3,000 Girl Scouts of Orange County
Children’s medical alerts and health conditions may be breached in so many ways outside of the healthcare sector. Schools, sports clubs, camps, and yes, boy scouts and girl scouts, are just some of the organizations that may hold sensitive information that gets breached, with no report needed to HHS. Alejandra Reyes-Velarde reports: Members of the…
Children’s Hospital of Philadelphia Provides Notice of Two Email Incidents
A press release issued October 23. It does not indicate the number of patients affected by each of the two incidents or how the attacker(s) gained access to employee email accounts. Children’s Hospital of Philadelphia (CHOP) is providing to the parents or guardians of some of its current and former patients notice of two recent…