Two heads are better than one. Evan Francen noticed a breach report on the New Hampshire Attorney General’s site that I apparently missed back in July. A laptop containing confidential and personal information of clients of attorney George R. LaRocque, Jr. was stolen during a home invasion. Read more about the incident with Evan’s commentary…
Stolen Ault Chiropractic Center computers contained patient info
Ault Chiropractic Center in Indiana has notified HHS that computer theft on September 15th affected the PHI of 2,000 patients. There is no notice on their web site as of the time of this posting so I don’t know precisely what types of information were on the stolen and whether there was any encryption or…
Data Breach Investigation | Constitutionality | Arbitrary, Capricious?
Benjamin Wright is an attorney who teaches e-discovery, data security and cyber investigations law at the SANS Institute. In commenting on the recent matter of Lucile Salter Packard Hospital being fined for not notifying patients within 5 days of confirming that PHI were on a stolen computer, Wright states: Yet I will say that it…
UK: IT manager at Hull PCT pleads guilty in snooping charges
As a follow-up to a case reported on this blog previously: Dale Trever, 22, a data quality manager at Hull Primary Care Trust, has pleaded guilty to snooping through patients’ medical records over 400 times. Most of them were the records of family members, friends, and colleagues. Anh Nguyen reports in Computerworld (UK): At Hull…
Hannaford Litigation Ruling Finds Plaintiffs Cannot Prove Damages
Andy Serwin of Foley & Lardner comments: Harm in the privacy litigation context is a difficult concept for plaintiffs to prove. There have been a number of cases that have ruled that plaintiffs cannot meet their burden and prove damages sufficient to state a claim. Courts have consistently ruled that plaintiffs cannot easily meet their burden…
Update/Pointer: East and North Hertfordshire NHS Trust hospital identified
Lister Hospital was the hospital involved in the recent East and North Hertfordshire NHS Trust incident where a junior doctor left a flash drive with unencrypted patient information on a train. More here.