St. Mary’s Janesville Hospital in Wisconsin, a member of SSM Health Care, posted this statement on their web site today: On August 27, 2013, we received a report that an SSM Health Care laptop was stolen from an employee’s car during a break-in. We are sincerely sorry this happened and want to provide pertinent information…
Updates to HHS's breach tool
HHS has updated its public breach tool again. Let’s start with the ones we already knew about: The Wm. Jennings Bryan Dorn VAMC breach involving a laptop lost in February affected 7,405. The patient data theft involving an employee at South Shore Physicians in New York resulted in notification to 8,000, although the employee was charged with stealing 80…
IN: Telecom Company Being Investigated for Information Breach
An update on the TerraCom breach reported previously on this blog. Brandon Smith reports: The Attorney General’s office updated lawmakers Monday on a nearly five-month long investigation of telecommunications company TerraCom Incorporated. […] Tolliver says a lot of the information the state has obtained has come from the media outlet that first uncovered the breach…
Data Broker Hackers Also Compromised NW3C
In Part II of his latest investigative series, Brian Krebs reports: The same miscreants responsible for breaking into the networks of America’s top consumer and business data brokers appear to have also infiltrated and stolen huge amounts of data from the National White Collar Crime Center (NW3C), a congressionally-funded non-profit organization that provides training, investigative support and research…
A healthcare vendor contract’s required security policies
Some good pointers on what should be included in your contract with vendors, from HealthITSecurity.com.
Ca: Privacy breach reported to patients at Prairie North
John Cairns reports: Letters are going out to 151 patients at Prairie North Health Region informing them of a privacy breach involving their personal information. The employee involved in the breach was not involved in the patients’ medical care, but had improperly accessed the patients’ personal health information between 2009 and 2012, considered a breach…