DataBreaches.Net

Anne L. Kim writes: The rise of health apps has expanded the opportunities for individuals’ data to be used for research purposes, policy analysis, and so on. But what are the complexities involved with making sure people are “de-identified” from their own data, so their privacy can be protected? At an FTC workshop today on consumer-generated…

Benjamin Woodard follows up on a situation I noted on this blog in 2013 involving medical records that were abandoned over a decade ago at Edgewater Hospital in Chicago: Demolition crews this week began removing loads of old patient medical records from the vacant Edgewater Medical Center, a month after city inspectors criticized the lack of…

On April 22, I noted that HHS had added a report from Blue Cross And Blue Shield Of Kansas City (“Blue KC”), but that I had been unable to find any information on the “unauthorized access/disclosure” breach that reportedly affected 2,546. It turns out that this was an insider breach involving employee wrongdoing. On April…

On April 22, I noted that Susquehanna Health had notified HHS that 657 patients were affected by a breach on December 5, 2013 involving “Unauthorized Access/Disclosure, E-mail.” I could find no statement on their website at that time. I still can’t find one, but their report to the Maryland Attorney General’s Office provides the missing details. On December…

In this week’s developments, the FTC has filed its response/opposition to LabMD’s motion for summary decision. In other matters, the administrative law judge has denied LabMD’s motions in limine to exclude two expert witness’s testimony, noting that such exclusion would be premature and consideration of what should be excluded needs to be decided within the…