From the incomparable World Privacy Forum: Do I have to give permission for my medical information to be in a Health Information Exchange? HIE stands for “Health Information Exchange.” A health care provider does not need your permission to share your medical information for treatment purposes within an HIE, just as a doctor does not need permission to…
Many HHS investigations still open years later?
If you’re hoping that HHS will do anything about the recent Community Health Systems breach affecting 4.5 million patients across the country, don’t hold your breath. Not only is the incident not even up yet on HHS’s public breach tool, where it will become the second largest breach since such public reporting went into effect…
Update: UPS Store breach involved 105,000 transactions
Mathew J. Schwartz has more on the recently disclosed malware breach that impacted 51 UPS Store franchise centers. Read his report on InfoRisk Today
Heartbleed Not Only Reason For Health Systems Breach
Community Health Systems’ bad patching practices are nothing compared to its poor encryption, network monitoring, fraud detection, and data segmentation, experts say. Read more on Dark Reading. If HHS wants to go after CHS, this article certainly lays out the technical security safeguards that may not have been in place.
Heartbleed Not Only Reason For Health Systems Breach
Community Health Systems’ bad patching practices are nothing compared to its poor encryption, network monitoring, fraud detection, and data segmentation, experts say. Read more on Dark Reading. If HHS wants to go after CHS, this article certainly lays out the technical security safeguards that may not have been in place.
Interactive Map of Breach-Notification Laws in the EU
Interactive Map of Breach-Notification Status European member states are in the process of adopting laws and regulations that require businesses operating in their countries to notify government agencies and affected individuals when they experience breaches of personal data. Even as the EU Directive on Data Protection is being reviewed and might be replaced by a…