An inquiry has found “systematic failings” to blame for an error which saw the personal data of hundreds of council workers being published online. The information was released by Dumfries and Galloway Council which has already made an unreserved apology. The mistake saw names, dates of birth and salary details of nearly 900 employees put…
State attorneys general not leaping to embrace HIPAA enforcement
Kimberly Leonard reports: Only two state attorneys general have pursued the authority Congress gave them two years ago to prosecute privacy and security breaches of health information — despite training from federal agencies and a consensus among privacy groups that enforcement needs to improve. […] Experts blame a variety of factors for the apparent disinterest…
NYU Langone Medical Center's Hospital for Joint Diseases Notifies Patients Of Potential Data Breach
Another potential breach at NYU Langone Medical Center, it seems. From their notice, posted August 22: NYU Langone Medical Center’s Hospital for Joint Diseases (HJD) notified patients that documents containing limited personal information were mistakenly discarded, compacted and buried in a landfill outside of New York State. The documents consisted of paper tracking records of…
Yanez Dental notifies over 10,000 patients that their Social Security numbers and birthdates were on stolen computers
Yanez Dental Corporation in California recently reported a data breach to HHS. In a notice on their web site dated June 15, they write, in part: Our dental office was burglarized (5/22/2011). We have reported this incident to the police for investigation. The vandals stole three of our computers among other things. Personal information stored…
Over 82,000 patients in NJ and IL notified of theft of unencrypted drive left by a MedAssets employee in a car
On August 8, the Saint Barnabas Health Care System in New Jersey publicly disclosed a breach involving a Business Associate, MedAssets: MedAssets, Inc., an independent revenue management and supply chain company that provides certain administrative and business services to the Saint Barnabas Health Care System, informed us on July 1, 2011 that an unencrypted external…
Guilty plea in case involving identity info; Electronic Data Systems employee involved
An insider breach at the former Electronic Data Systems flew pretty much flew under the media radar, it seems. A recent press release notes: Alchico Grant, a resident of Montgomery, Ala., pleaded guilty to his role in two tax fraud and identity theft conspiracies, the Justice Department and the Internal Revenue Service (IRS) announced today….