Daniel R. Stoller reports: A French nongovernmental organization wants Facebook Inc. to pay 100 million euros ($113 million) and fix any problems stemming from recent data security incidents and privacy breaches. The Internet Society of France, a public interest group that advocates for online rights, sent a formal notice to Facebook and its subsidiaries Instagram…
Medical records of 1,216 Upstate University Hospital patients breached by former employee
James T. Mulder reports: An Upstate University Hospital employee inappropriately accessed the medical records of 1,216 patients without a work or job-related reason. Upstate announced it is contacting affected patients and the U.S. Department of Health and Human Services about the privacy breach. The former employee accessed the records between Nov. 3, 2016 and Oct….
PA: May Eye Care notified 30,000 patients after ransomware incident
Ransomware continues to pose a major threat to covered entities, and not surprisingly, an incident reported to HHS in October by a Hanover, Pennsylvania eye care center turned out to be yet another ransomware incident. The practice kindly sent me a copy of the notification letter they sent to 30,000 patients: Dear Sir or Madam,…
Security breach at Nordstrom involving contract worker breached employee data
Benjamin Romano reports: Seattle-based retailer Nordstrom is notifying employees of an information-security breach that exposed their names, Social Security numbers, dates of birth, checking account and routing numbers, salaries and more. Employees across the company received an e-mail notification and apology from co-President Blake Nordstrom on Wednesday informing them of the breach, a company spokesperson…
Ca: Department Failed To Follow Directive Following Privacy Breach: Molloy
Oh …. (insert your preferred three-letter acronym). VOCM reports from St. John’s, NL: The privacy commissioner has found a government department not only committed a privacy breach, but that it failed to follow a subsequent directive from the commissioner. Donovan Molloy says the Department of Transportation and Works relocated a number of paper records to…
NZ: Bank staff exposed for using private information to stalk
Rob Stock reports: “Employee browsing” is a term for when bank staff access customers’ private information for their own uses. And Privacy Commissioner John Edwards says banks aren’t doing enough to prevent it. Following the publication on Monday of a review of bank conduct by the Financial Markets Authority and Reserve Bank of New Zealand, Edwards said banks must…