From the Information Commissioner’s Office: An undertaking to comply with the seventh data protection principle has been signed by Worcestershire Health and Care NHS Trust. This follows an investigation whereby the local press were handed a patient handover sheet containing details of 18 patients. The sensitive personal data was found on a table in a…
So how’s 2014 going, you ask? Not well, not well…..
Risk Based Security and Open Security Foundation have released a report for Q1 of 2014. The first bullet gives a good indication of what kind of year 2014 is turning out to be: There were 669 incidents reported during the first three months of 2014 exposing 176 million records. Of especial interest to me were…
Former IRS Employee Sentenced in Identity Theft and Tax Fraud Scheme
Michael Cohn reports: A former Internal Revenue Service employee has been sentenced to four years and nine months in prison in connection a tax fraud and identity theft scheme. Missy A. Sledge, 47, was employed for 12 years by the IRS. According to prosecutors, she worked with other criminals who would file fraudulent tax returns…
Hospital fires employee who provided patient's syphilis records to ex-boyfriend
Over the weekend, more details emerged about the breach at U. of Cincinnati Medical Center that resulted in a patient’s syphilis diagnosis being posted to Facebook. The new details do not totally agree with claims in the woman’s lawsuit. Robert Scalese reports: According to the hospital, it was a financial services employee who accessed the…
Details emerge on Access Health CT breach
There’s an interesting update to the Access Health CT breach. AP is reporting that the owner of the backpack found with enrollee information has been identified, works for a call center vendor, and has been placed on administrative leave. The employee of Maximus – the call center vendor – came forward when he read the…
PayTime Data Breach Hits Some Workers Hard
When we think about consequences of hacks or breaches, let’s not lose sight that people may lose their jobs simply because their data was caught up in an incident – even if there was no evidence that their information was misused. idRADAR.com has a good example of that in the aftermath of the PayTime hack….