Patients who participate in clinical trials expect that their personal information will remain confidential, but a recent study led by Dr. Khaled El-Emam, Canada Research Chair in Electronic Health Information at the CHEO Research Institute, found that the security practices used to transfer and share sensitive files were inadequate. The two-part study, entitled “How Strong…
Data Resellers Liable for Downstream Security Failures
Leslie Fair of the FTC comments on recent settlements that were reported earlier this month: Of course, no legitimate business would put out a welcome mat for crooks. But as the FTC’s data security cases make clear, that’s the effect when companies fail to take reasonable steps to secure sensitive information in their possession —…
Web glitch allowed access to others’ data
Adam Jones reports: A glitch in a new online state program allowed people to retrieve personal identification data associated with vehicle registration without asking users to verify they had legal authorization to access the records. The online search tool was removed from the Alabama Motor Vehicle Division website last week after being on the Internet…
The West Virginia Attorney General’s Office statement on CAMC breach
West Virginia Attorney General Darrell McGraw today announced actions by his office and the Charleston Area Medical Center (CAMC) to secure the private information of 3655 patients affected by a data breach on a website set up for CAMC. The breach occurred within the research subsidiary of CAMC – the CAMC Health Education Research Institute…
Contractor error exposed Charleston Area Medical Center’s Research Institute patient data on web
Statement by Charleston Area Medical Center: We wanted to let you know about a security incident that occurred at Charleston Area Medical Center’s Research Institute, which involved the personal information of some of our patients. On February 8, 2011, we learned that one of our databases containing information about 3655 patients had security vulnerability. The…
No Evidence Of Online Records Breach By Vodafone Claims Privacy Commission
David Richards reports: The Australian Privacy Commissioner who recently initiated an investigation into claims that Vodafone billing and call records for up to four million customers were openly available online has concluded that Vodafone did not have adequate levels of security in place to protect personal information, however there was no breach as claimed by…