Richard Booth QC writes about West London Mental Health NHS Trust (Respondent) v Chhabra (Appellant) [2013] UKSC 80 : It is not unknown for lawyers or doctors to speak on a mobile phone about confidential details of a case while travelling by train. Some of you may even have left case papers out on your seat or…
UK: NHS patient data to be made available for sale to drug and insurance firms
Randeep Ramesh reports: Drug and insurance companies will from later this year be able to buy information on patients – including mental health conditions and diseases such as cancer, as well as smoking and drinking habits – once a single English database of medical data has been created. Harvested from GP and hospital records, medical…
20 million people fall victim to South Korea data leak; FSS calls on financial institutions to improve protections against insider leaks
AFP reports: The personal data of at least 20 million bank and credit card users in South Korea has been leaked, state regulators said Sunday, one of the country’s biggest ever breaches. Many major firms in the South have seen customers’ data leaked in recent years, either by hacking attacks or their own employees. In…
FTC denies LabMD's motion to dismiss
In one of two highly watched cases involving the FTC and data security, the Commission has denied LabMD’s motion to dismiss the FTC’s complaint. In their order denying LabMD’s motion, the Commission writes: Respondent LabMD, Inc. (“LabMD”) has moved to dismiss the Complaint in this adjudicatory proceeding, arguing that the Commission has no authority to address…
OR: DHS sends private info to wrong person
Chris Holmstrom reports: In December, a woman received a Cover Oregon application meant for another person. It contained personal information and medical history. But this week that same woman received highly confidential information meant for someone else from the Department of Human Services. Both packages were addressed to her PO Box in Dallas. “This woman’s…
Starbucks sat on its clear-text password problem for months
Evan Schuman reports: When Starbucks published the new version of its iOS mobile app yesterday to fix its passwords-in-clear-text problem, it demonstrated a seemingly awesome ability to correct a serious security issue in a single day. But was it truly awesome? Not if it knew about the security hole for months. Not if it knew about it before it published the prior iOS app…