The U.S. Department of Health & Human Services(HHS), Office for Civil Rights (OCR), has announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement based on impermissible disclosure of protected health information (PHI). St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) has paid HHS $387,200 to settle potential violations of the HIPAA Privacy Rule…
Medical device containing patient information stolen from DePaul Hospital
Samantha Liss reports: SSM Health has notified 836 patients that their personal information may have been compromised after a medical device was stolen from DePaul Hospital. The device looks like a laptop and that’s likely why it was stolen — not because it contained patient information, SSM Health, owner of DePaul Hospital in Bridgeton, said…
Update: Case Involving Sharing of Passwords May Be Headed to the Supreme Court
Jeffrey M. Schlossberg of Jackson Lewis writes: Last August, we reported on a Ninth Circuit case in which a former employee was convicted of a crime under the Computer Fraud and Abuse Act (“CFAA”) for accessing and downloading information from his former company’s database “without authorization.” The former employee has now asked that the U.S. Supreme review the Ninth…
Where is the future of HIPAA enforcement headed?
Ira Parghi of Ropes & Gray writes: Since January 2016, the OCR has entered into resolution agreements with, and imposed Corrective Action Plans (CAPs) on, providers and others in at least 12 matters involving the Security Rule. It has also imposed a Civil Monetary Penalty on one entity. Most of these cases involve stolen, unencrypted…
Eighth Czech man may be taken into custody over police data leak
CTK reports: The State Attorney’s office has proposed that the eighth man be taken into custody in the case of leak of information from Czech police databases, state attorney Petr Sereda told journalists today, adding that in all, 18 people have been accused in connection with it. Sereda said the Municipal Court in Brno had…
Hackers may have names of thousands of Florida gun owners
Andrew Ruiz reports: The Florida Department of Agriculture and Consumer Services is warning customers that hackers may have obtained the names of more than 16,000 people who have Florida concealed weapon permits. The data breach that appears to have originated from overseas affects people who entered information through the department’s online payment system. Read more…