Catherine Richert of Minnesota Public Radio reports: A data security breach at the state’s new online insurance marketplace has prompted two members of Minnesota’s Congressional delegation to write a bill designed to prevent confidential information from being leaked again. Starting Oct. 1, uninsured Minnesotans will be using MNsure to purchase health insurance, and they’ll have…
Windhaven Investment Management notifies customers months after vendor-maintained server was hacked (update 3)
Windhaven Investment Management is notifying clients that a server maintained by an unnamed vendor suffered an unauthorized intrusion several months ago. As a result, customers’ names, account numbers, custodians, and investment positions for their Windhaven account(s) may have been accessed. Neither Social Security numbers nor dates of birth were exposed. Windhaven learned of the intrusion last month, but…
HHS: Statement of Delay in Enforcement of HIPAA Requirement for Certain CLIA and CLIA-Exempt Laboratories to Revise their Notices of Privacy Practices (NPP)
Dated: September 19, 2013 The Office for Civil Rights (OCR) of the Department of Health and Human Services announces a delay in its enforcement of the requirement that certain HIPAA–covered laboratories revise their notices of privacy practices (NPPs) to comply with the modifications made to the HIPAA Rules published in the Federal Register on January 25, 2013…
LabMD Responds to FTC Complaint: Claims Agency Lacks Enforcement Jurisdiction
Just received this press release from Cause of Action with LabMD’s response to FTC’s complaint: Cause of Action (CoA), a government accountability organization, filed an answer to an aggressive and arbitrary enforcement action brought by the Federal Trade Commission (FTC) against LabMD, a small cancer diagnosis company. CoA is defending LabMD against a complaint brought by the FTC in…
Kaiser Permanente lawsuit against former business associate dismissed, but are patient data still at risk?
If you’re a privacy professional or information security professional looking for a cautionary tale or a nightmare case to use in your presentations, this may be it. In reading about this case, however, keep in mind that there has never been any indication that patient misinformation was disclosed improperly or that it has been misused….
LabMD Responds to FTC Complaint: Claims Agency Lacks Enforcement Jurisdiction
Just received this press release from Cause of Action with LabMD’s response to FTC’s complaint: Cause of Action (CoA), a government accountability organization, filed an answer to an aggressive and arbitrary enforcement action brought by the Federal Trade Commission (FTC) against LabMD, a small cancer diagnosis company. CoA is defending LabMD against a complaint brought by the FTC in…