Almost one month ago, the UK’s ICO announced that fines for data breaches were “imminent.” Maybe “imminent” means something different in UK English than in New Yorkese, where we tend to be impatient, but nothing happened. Now Peter Judge of eWeek suggests that, for a variety of reasons, Google might make a good first target….
Should HHS fine entities who experience repeated avoidable security failures?
I’m working on a breach post for later today but started mulling over the question of whether HHS needs to start fining covered entities who have repeat breaches where the entity did not seem to adequately harden their security after the first breach or to really learn from experience. This is 2010. The excuse “we…
TX: Sensitive documents found in a dumpster
Nadia Ramdass reports from KENS 5 in San Antonio about the discovery of documents in a dumpster at Creston Ridge: Materials found in the dumpster included applications filled out by those looking to lease a home on the property dating back to 2008. In addition, forms contained social security numbers, drivers license numbers, birth dates,…
UK: Moving on from the 2007 data loss by HMRC
The loss in 2007 by Her Majesty’s Revenue and Customs of 25 million people’s details was a major warning to the public sector. Rob Buckley says that the private sector should also take heed. SC Magazine has a lengthy article reviewing the HMRC breach and its aftermath, with lessons learned and lessons to-be-learned by the private…
Transparency is no substitute for informed consent in health records privacy
William Pewen wrote a terrific commentary a few weeks ago. If you didn’t read it, read it now. Here’s a snippet: Unfortunately, the congressional approach to medical records has failed to be a truly patient-centered one. Republicans largely view medical information through a business lens and assert that the marketplace will be self-correcting; many Democrats…
Consent and privacy in HIT, redux
Julie Chang reported on a recent Texas Tribune interview with David Blumenthal, the national coordinator of Health Information Technology. Here’s the section dealing with privacy issues, and it follows on the heels of some great reporting by the Austin Bulldog, covered previously on this blog, that revealed how a lot of patient data is being…