The FTC has announced its agenda for spring 2014. Of particular note for this blog, one of the three privacy items on its agenda is consumer-generated and controlled health data – information provided by consumers to non-HIPAA covered sites, apps, and/or devices: Consumer Generated and Controlled Health Data – Date and location TBD Increasingly, consumers are…
Vodafone Iceland breached, customer details, SMSes stolen
Michael Lee reports: Vodafone Iceland is now in the middle of an investigation into how its website was attacked and customer data information, including SMS messages, were leaked to the public. On November 30, the company’s Icelandic website was defaced by attackers and subsequently taken offline. At the time, Vodafone did not believe that any…
Social media and patient privacy – a nurse leader's investigation
Nursing Careers Allied Health has an article on patient privacy breaches when health care professionals use social media. Perhaps the most concerning finding of the study they discuss is that most nurses did not even think that what they were doing was a breach of privacy. From the article: In the Nursing Times study, 27 per…
Over half of Austin, Texas departments don’t even have policies on collecting, storing, or accessing PII – city auditors
Summary from Protection of Personally Identifiable Information (PII) Audit by City of Austin auditors (November 2013): The objective of this audit was to evaluate the process for protecting PII that is collected and/or stored by the City. The audit scope included the City’s policies and procedures related to the protection of PII for Fiscal Year…
Chicago Public Schools’ students’ health data accidentally posted online
Backy Schlikerman reports: A small amount of Chicago Public Schools’ students’ health data was accidentally posted online, but the issue is fixed, the city of Chicago announced Friday. Data collected about some 2,000 student who participate in a free vision examination program provided by the city was “incorrectly configured” and was available on the Internet,…
In California, efforts to reduce health disparities raise privacy concerns
Christopher Cadelago reports: California’s health insurance exchange wants to collect and use data on a raft of sensitive customer information, from race and ethnicity to sexual orientation and gender identity. How officials will tackle the task without running afoul of privacy laws remains an open question. A policy on collecting demographic characteristics – potentially far…