I guess I wasn’t the only one surprised by the Third District Court of Appeal’s dismissal of a lawsuit against Sutter Health for violations of California’s Confidentiality of Medical Information Act (CMIA). The justices had unanimously held that the CMIA wasn’t triggered because there was no evidence that anyone even looked at the stolen protected health information, much…
Are Patient Privacy Laws Being Misused to Protect Medical Centers?
by Charles Ornstein ProPublica, July 24, 2014, 11:30 a.m. This story was co-published with NPR’s “Shots” blog. In the name of patient privacy, a security guard at a hospital in Springfield, Missouri, threatened a mother with jail for trying to take a photograph of her own son. In the name of patient privacy , a…
FTC Commissioner calls for more data security in health apps, devices
At a Tech in Policy event sponsored by Washington, D.C. newspaper The Hill, FTC Commissioner Julie Brill made it clear that the FTC is aware of recent concerns about health app data privacy and security and is looking into new ways to police the industry. Read more on MobiHealthNews.
Extending Cybersecurity Breach Notice Requirements to Intelligence Community Contractors
David Fagan, Susan Cassidy, and Catlin Meade write: As an indicator of the continuing focus of government authorities on cybersecurity breaches and potential notification requirements, certain contractors for the federal government may soon face new rapid reporting requirements for successful network penetrations. Specifically, President Obama signed the 2014 Intelligence Authorization Act (“2014 IAA”) into law on July…
JP: Gifu police leak data to private company on local opposition to turbine project
As reported by the Asahi Shimbun: Officers with the Gifu Prefectural Police leaked personal information to a Chubu Electric Power Co. subsidiary about residents and others opposed to a plan to construct wind turbines in their neighborhood. Their actions could constitute a violation of the Local Public Service Law that imposes confidentiality obligations on local…
ZA: How to wreck customer relations
Wendy Knowler reports: As corporate mess-ups go, it was pretty big. A “pre-legal credit controller” employed by cellphone service provider Altech Autopage sent an e-mail to 45 of its subscribers earlier this month, many of them former subscribers, telling them to pay up or face the consequences. “We refer to your Altech Autopage account which…