Alex Gecan has an update on an alleged breach that I had noted here with the caution: This sounds like a bitter termination situation and I wouldn’t rush to any judgement on these allegations until there is more investigation or facts revealed. I’ll repeat that caution now. Gecan reports: A local non-profit health center and…
CA: Riverside County Regional Medical Center notified 563 patients about missing laptop with PHI
Here’s yet another case involving a missing (presumed stolen) laptop with unencrypted PHI that was used with a medical device, but seemingly not physically secured enough. This breach involves the Riverside County Regional Medical Center. I recently reported a similar type of breach at a VA medical center in Denver. The following statement was posted on the hospital’s website today: Hospital Patients…
MA: Uxbridge student data was on stolen Medicaid billing laptop
Susan Spencer reports: Parents whose children received services in Uxbridge public schools that were partially covered by the state Medicaid program are being encouraged to request a security freeze on their children’s credit reports after a laptop containing personal information was stolen from a Medicaid vendor’s vehicle. Kevin M. Carney, superintendent of schools, sent a…
Montana Department of Public Health and Human Services notifying 1.3 million after malware inserted in 2013 found on system – Update
Lisa Baumann of AP reports: Montana officials are notifying 1.3 million people that their personal information could have been accessed by hackers who broke into a state health department computer server. […] Montana Chief Information Officer Ron Baldwin says malware was discovered on the health agency’s server May 22. The server contained names, addresses, birthdates,…
Just in Time Research: Data Breaches in Higher Education
Just in Time Research: Data Breaches in Higher Education This “Just in Time” research is in response to recent discussions on the EDUCAUSE Higher Education Information Security Council (HEISC) discussion list about data breaches in higher education. Using data from the Privacy Rights Clearinghouse, this research analyzes data breaches attributed to higher education. The results…
In SEC filing, Medtronic reveals possible patient records loss or deletion
Ah, kudos to Patrick Ouellette of HealthITSecurity.com, who dug into recent reports of a Medtronic breach more deeply than I did. While most media reiterated Medtronic’s claims that no patient data was involved, Patrick reports: Though medical device maker Medtronic revealed that hackers had entered network on two separate occasions last year in its Securities and…