Rob Poindexter reports: Credit card information may have been stolen for some people who bought state park passes on line. The Maine Bureau of Parks and Lands learned in February that their online system for the sale of state park passes, provided by a private vendor, was hacked by “malware.” The breach happened between March…
Now it’s TripAdvisor’s turn to report a compromised email database
Nate Cochrane reports: TripAdvisor.com is the latest organisation to fall prey to hackers, who made off with the popular travel site’s member email list. SC Magazine recommends TripAdvisor subscribers change their passwords as a precaution but not to click on any links from emails purporting to be from the travel community site. You may see…
Ca: Medical records found in Regina recycling bin
Some people just still don’t get it and continue to dispose of sensitive records improperly. From CBC in Canada: Saskatchewan authorities are investigating after several boxes containing the medical files of about 1,000 patients were discovered intact in a paper-recycling bin in Regina. Gary Dickson, the province’s information and privacy commissioner, told CBC News on…
UK: Confidential staff data sent in email by mistake
Katie Clark reports: Personal details of 200 staff from a Christchurch-based housing group were mistakenly emailed to a member of the public. Staff payroll information including names, addresses and dates of birth, as well as the National Insurance numbers of employees at Spectrum Housing were mistakenly emailed out by a member of staff two and…
ANSI and Shared Assessments Launch Initiative to Examine Financial Impact and Harm of Breached Patient Information
Healthcare organizations are struggling with two key concerns today: how to protect patient information and how to better understand the financial harm caused when protected health information (PHI) is lost or stolen. A new project – led by the American National Standards Institute (ANSI), via its Identity Theft Prevention and Identity Management Standards Panel (IDSP),…
ADA Violated When Employer Responds to State Subpoena and Discloses Former Employee's Medical Records
Joseph Lazzarotti writes: The confidentiality of medical records requirement under the Americans with Disability Act (ADA) is violated when an employer discloses a current or former employee’s medical records in response to a state court subpoena absent the employee’s release or some other exception under the ADA, the Equal Employment Opportunity Commission (EEOC) recently held in Bennett…