Public comments on the consent order in FTC v. Henry Schein Practice Solutions are now available. The FTC will be responding to commenters, but I wanted to note one particular point raised by commenter because I hadn’t considered it when I filed my complaint with the FTC, and I think the commenters are right. Note that I did not submit…
NC: Vidant Health notified employees of data breach
Vidant Health reportedly experienced a data breach earlier this month, affecting employees at its Duplin hospital. Reflector reports that the system released the following statement: “Vidant Health discovered that personal information for Vidant Duplin Hospital employees was subject to unauthorized access by an outside source. The unauthorized access occurred in early February. We notified employees in writing…
Des Moines administrator mistakenly publishes student scores
Jason Clayworth reports: The individual test scores of Des Moines elementary students identified as part of a behavioral needs presentation were posted on a personal website by a school administrator, a likely violation of federal law, a state official said Monday. The color-coded data are three years old and highlighted the names of Lovejoy Elementary…
Jacksonville law firm victim of ransomware
Max Marbut reports: You might think the data stored on your computer at home or work is relatively safe from theft or even tampering. You would be wrong. No one knows that better than attorney Thomas Brown of The Brown Firm. […] The culprits left behind a digital message: Give them $2,500 and they would…
FL: Radiology Regional Center Notifies Patients After Paper Records Fell Out of Vendor’s Truck
Radiology Regional Center, PA, a physician-owned and managed diagnostic facility with nine locations in Florida, announced today that on December 19, 2015, Radiology Regional Center was informed by its records disposal vender (sic), Lee County Solid Waste Division (“Lee County”), that, on that same date, paper records containing the personal information of Radiology Regional Center’s…
22,000 dental patients’ info exposed on unsecured Eaglesoft FTP server
Eaglesoft software by Patterson Dental is a popular patient management system. But just as one security researcher had concerns about patient data security in Henry Schein’s Dentrix G5 software, he’s also had concerns about Eaglesoft, albeit for different reasons. He contacted this site on February 6 and notified CERT of his concern: Eaglesoft does seem to…