I could have sworn I had posted something about the Primedia (formerly RentPath) breach, but maybe I just tweeted it and forgot to blog it. Thankfully, Jeff Goldman of eSecurity Planet provided a preliminary media report in June. This blog post incorporates an update to the incident. Back in May, attorneys for Primedia notified at…
Tri-State Surgical Associates notifies patients of a disclosure breach
Tri-State Surgical Associates in Elkton, Maryland recently notified patients of a disclosure breach involving their PHI. According to a letter sent by Drs. Lowe and Vaidy, when a physician left their practice in May, he reportedly asked a staff employee for patient contact information so that he could notify patients of his new practice location….
Missing Allscripts backup drive held Mercy Health Systems patient information
It seems that Baltimore-based Mercy Health Systems (Mercy Medical Center) forgot to notify Maryland about a breach involving Maryland residents earlier this year. According to an August 13 letter signed by Chante Tindal, Compliance Generalist: on January 14, MHS’s transcription contractor, Allscripts, reported a missing unencrypted hard drive containing patient information. MHS says this was reported…
Experian reports another breach of its credit report database (update 2)
I haven’t been seeing as many breach reports by Experian this year, which could be a good sign, although it just could be that some states haven’t updated their breach lists in while. In any event, one just showed up on New Hampshire’s site that elevated an eyebrow. In a letter dated September 16 signed…
MN: Judge tosses data breach suit against state
Eric Roper reports: A federal judge has dismissed a series of class action claims against the state, relating to a former Department of Natural Resources employee who allegedly snooped into thousands of drivers license records. Lawsuits against the employee are not impacted by the dismissal. Nor, reports Roper, are the more than 20 lawsuits that have been…
MNsure employee responsible for e-mail attachment breach no longer employed at MNsure
The MNsure employee who erroneously attached a spread sheet with 1,587 insurance agents’ names and Social Security numbers to an e-mail to one insurance agent is no longer working for MNsure. The Associated Press’s coverage adds that the employee violated internal policy by storing unencrypted personal information about Minnesota insurance agents on a computer desktop. The agency…