A Welsh home care provider has been found in breach of the Data Protection Act after the files of 10 vulnerable and elderly people were found on a street in Neath Port Talbot. The news follows an investigation by the Information Commissioner’s Office (ICO) into the data loss by Neath Care in August 2013. The…
StayWell breach affects over 12,000; how many more not disclosed (update1)
A breach at StayWell Health Management in 2012 resulted in at least three HIPAA-covered entities notifying patients, members, or employees. The incident was posted to HHS’s public breach tool in an update this week. According to HHS’s entries, Missouri Consolidated Health Care Plan notified 10,024 members while Clorox Company Group Insurance Plan notified 520 members and…
Former patient sues St. Helena Hospital over alleged privacy breach
Kerana Todorov reports: A man who underwent drug rehabilitation treatment at St. Helena Hospital in 2012 is suing the hospital and others for allegedly disclosing medical information about his care with an employer and others, according to the complaint filed Monday in Napa County Superior Court. The plaintiff, who is only identified as “John Doe”…
HealthSource of Ohio data leak exposed 8,800 patients' information
HealthSource of Ohio, a private, not-for-profit community health center experienced a privacy breach in November 2013 that affected 8,845 patients. The incident was added to HHS’s public breach tool this week. According to a statement posted on their website on or after February 26th, HSO uses a web-based program to provide information to patients calling with…
Courts Reining In What it Means to be a “Hacker” Under the Computer Fraud and Abuse Act (CFAA)
Ralph C. Losey of Jackson Lewis writes: The Computer Fraud and Abuse Act (“CFAA”) is an anti-hacker statute that prohibits unauthorized access, or the exceeding of authorized access, of computers connected to interstate commerce. 18 U.S.C. § 1030. Violators are subject to both criminal and civil liability. Employers have long taken advantage of the CFAA’s civil remedies to “sue former employees…
Ohio AG seeks harsher ID theft penalties for those victimizing service members
The AP reports: Ohio’s attorney general and two state lawmakers are pushing for harsher penalties against scammers who commit identity fraud and other theft crimes against active-duty service members and their spouses. The bill from Republican state Reps. Mike Dovilla and Terry Blair amends the current identity fraud and theft laws to increase penalties for…