Brian Krebs reports: Sources in the financial industry say they’re seeing signs that Dairy Queen may be the latest retail chain to be victimized by cybercrooks bent on stealing credit and debit card data. Dairy Queen says it has no indication of a card breach at any of its thousands of locations, but the company also acknowledges that nearly…
Third covered entity was victim of rogue Iron Mountain employees
In addition to the more than 49,000 patients of Orthopaedic Specialty Institute Medical Group whose records were allegedly stolen by employees of Iron Mountain and the 10,000 patients of the Long Beach Internal Medical Group whose records were stolen, PHIprivacy.net has uncovered a third victim. The Hand Care Center / Shoulder and Elbow Institute in Orange, California also…
Criminal defense firm joins the ranks of those who have backup drives stolen from cars (updated)
Nothing good can come from a breach notification letter that begins: During the early morning hours on June 27, 2014, a hard drive containing backup files for one of the firm’s servers was stolen from the locked trunk of an employee’s vehicle. Not surprisingly, there’s even more bad news. Vincent M. Imhoff, Managing Director of Los…
Ca: Privacy breach sentencing significant for general deterrence: Crown attorney
Cory Hurley reports: The conviction and sentencing of a former hospital clerk who inappropriately accessed patient records is significant to deter any future breaches, according to Crown attorney Vikas Khaladkar. […] The Crown attorney requested a fine of $7,500 be imposed upon Colbourne, who pleaded guilty to inappropriately accessing 1,043 patient files between June 2011…
Long Beach Internal Medical Group patients also victimized by two rogue Iron Mountain employees
I wouldn’t recommend starting a breach notification letter with “Please take notice that,” but in light of what follows, maybe it was appropriate in this case. It seems that Orthopaedic Specialty Institute wasn’t the only entity that had patient records that had been stored with Iron Mountain stolen. Long Beach Internal Medical Group posted a…
AU data breach notification guide: A guide to handling personal information security breaches
The Office of the Australian Information Commissioner has released Data breach notification guide: A guide to handling personal information security breaches. Some excerpts: Preventing data breaches — obligations under the Privacy Act Security is a basic element of information privacy.4 In Australia, this principle is reflected in the Privacy Act in the APPs Agencies and…