So we’ve all read breach reports about employees or former employees stealing patient data to go start a new competitive practice or to help their new employer. And a blog post on Dental Practice Marketing and Management by Jim Du Molin about a dental hygienist stealing patient data for her new place of work read…
Data breach at MassTaxConnect exposed businesses’ info
Joshua Miller reports: A data mix-up on a state tax portal inadvertently made private data from about 16,500 business taxpayers viewable to other companies, potentially even competitors. The breach lasted from Aug. 7, 2017, through Jan. 23, 2018, and allowed some companies to view other business’s names, federal employer identification numbers, tax payments, and other…
Consequences for HIPAA violations don’t stop when a business closes
There’s a new settlement announcement from HHS OCR that makes clear that even if an entity closes its doors, any HIPAA enforcement action continues: A receiver appointed to liquidate the assets of Filefax, Inc. has agreed to pay $100,000 out of the receivership estate to the U.S. Department of Health and Human Services (HHS) Office…
In Congressional Testimony, EPIC to Call For Comprehensive Privacy Law, New Privacy Agency
From EPIC.org: EPIC President Marc Rotenberg will testify before the House Financial Services Committee this week. Rotenberg will say that “Data breaches pose enormous challenges to the security of American families, as well as our country’s national security.” EPIC will call for comprehensive data protection legislation and the creation of a federal data protection agency….
UK: ICO releases Q3 data security incident trends
The Information Commissioner’s Office has released Q3 statistics on data protection incidents reported to their office. Not surprisingly, reports were up. Some of their key statistics: Central government sector reports rose by 178% from Q2 (from 9 to 25). Incidents involving a failure to redact data increased from 1 to 11. Education sector incidents rose by…
This time, students’ records left behind
Barb Ickes writes: The 6-year-old’s psychological assessment is marked “confidential,” yet, there it is in my inbox. I didn’t read it. Finding it in my email felt wrong enough. But I understand what Jim Ziebell was doing. He was offering an example of the records that were left behind at a former school in Lost…