I wish I had a dollar for every mailing error where someone’s Social Security number was exposed in the envelope window or embedded in the mailing address – or where one person’s statement got combined with another person’s in the same envelope. But those kind of mailing errors are nothing compared to a mailing error…
Kaiser Foundation Hospital Orange County – Anaheim Medical Center notifying patients of breach
Kaiser Foundation Hospital Orange County – Anaheim Medical Center is notifying patients of a breach that occurred on September 25. In a letter signed by Julie Miller-Phipps, Senior Vice President, Executive Director of Kaiser Foundation Hospital Orange County, patients were informed that Kaiser Permanente was notified on on September 25 that a flash drive containing patients’ names,…
UK: Your medical records – now on sale
Ross Anderson writes: Your medical records are now officially on sale. American drug companies now learn that MedRed BT Health Cloud will provide public access to 50 million de-identified patient records from UK. David Cameron announced in 2011 that every NHS patient would be a research patient, with their records opened up to private healthcare firms. He promised…
Whose data is it anyway?
John Moore and Rob Tholemeier write: A common and somewhat unique aspect to EHR vendor contracts is that the EHR vendor lays claim to the data entered into their system. Rob and I have worked in many industries as analysts. Nowhere, in our collective experience, have we seen such a thing. Manufacturers, retailers, financial institutions, etc. would…
Evernote tells some users to change their passwords. (Psst! It’s Adobe’s fault…)
Graham Cluley writes: Just like Facebook before it, Evernote has been scouring the list of millions of email addresses and passwords exposed by the recent mega-breach at Adobe. And, if Evernote finds an email address in Adobe’s breached database that matches that belonging to an Evernote user, they are sending them a message telling them to…
Veterans Health Administration Issues Directive Regarding Access To Personally Identifiable Information In Information Technology Systems
WASHINGTON, Nov. 20 — The U.S. Department of Veterans Affairs’ Veterans Health Administration issued the following directive: 1. REASON FOR ISSUE: This Veterans Health Administration (VHA) Directive establishes policy for approving and providing authorized users access to VHA personally identifiable information (PII) in Information Technology (IT) systems of the Department of Veterans Affairs (VA). 2. SUMMARY OF CHANGES: This is a new Directive….