Kleiner Perkins Caufield & Byers is a venture capital firm located in Menlo, California. Over the weekend of July 19-20, their building and office security were circumvented and several laptops were stolen. Two of the laptops were used by personnel in their finance department and contained employees’ and partners’ names, contact information, Social Security numbers and…
Northeast Rehabilitation Hospital Network's easily avoidable breach
It’s a really simple concept that some people still have not grasped, even though they presumably received employee training on HIPAA and data protection: Do not take patient data with you that you intend to work on when you’re in public spaces. You may leave it behind.
The FTC’s Controversial Battle To Force Companies To Protect Your Data
Kashmir Hill writes: Hacker conference Defcon has a long tradition of playing “spot the fed,” a game that involves outing government types who attend under the radar to learn about the latest hacking tricks and those who are expert at developing them. There was little challenge in the game this August when it came to…
Three North Dakota University System IT employees put on administrative leave for data breach
An update to a breach previously noted on this blog. Anna Burlson reports: Three North Dakota University System employees who dealt in IT security have been put on administrative leave following a massive security breach last winter. The personal information of more than 290,000 current and past NDUS students was vulnerable for four months before…
FTC Approves Final Order in Case Against GMR Transcription Services
A follow-up on a breach case previously reported on this site. From the FTC: Following a public comment period, the Federal Trade Commission has approved a final order resolving FTC allegations that GMR Transcription Services, Inc., engaged in deceptive and unfair information security practices that exposed the personal information of thousands of consumers online, in…
Video: Do I have to give permission for my medical information to be in a Health Information Exchange?
From the incomparable World Privacy Forum: Do I have to give permission for my medical information to be in a Health Information Exchange? HIE stands for “Health Information Exchange.” A health care provider does not need your permission to share your medical information for treatment purposes within an HIE, just as a doctor does not need permission to…