Okay, I’ve occasionally blogged about the right to privacy for the deceased, so this article by Jo Marchant in New Scientist really caught my eye. Here’s how it begins: Should we consider the privacy or reputation of the individual when analysing an Egyptian mummy? The assumption that ancient corpses are fair game for science is…
Lucile Packard Children's Hospital Appeals CDPH Fine (updated)
For Release: September 09, 2010 PALO ALTO, Calif. — Lucile Packard Children’s Hospital at Stanford is appealing a California Department of Public Health (CDPH) penalty. The CDPH on April 23, 2010, after the self-reporting of a security incident by Packard Children’s, alerted the hospital that a fine of $250,000 was being levied as a result…
Great resource: Cloutage.org
The good folks at Open Security Foundation have created a database of cloud computing incidents. The incidents are tagged as “AutoFail,” “DataLoss,” “Hack,” “Outage,” or “Vulnerability,” permitting researchers and professionals to analyze different types of incidents. As of this morning, there are 222 incidents in the database as they have backfilled some earlier incidents…
UK: Government presses ahead with Summary Care Records despite privacy threats
Ian Grant reports: The government is to press ahead with its controversial patient summary care record, but the details of what it will contain will be known only later this month. This was revealed by the Department of Health’s director general for informatics, Christine Connelly on Thursday. The summary care record (SCR) is a centralised…
Disgruntled ex-employee hacks CEO’s PowerPoint presentation to display porn
As if we needed yet another reminder of why you need to ensure ex-employees can no longer access the network, the Baltimore Sun reports: It happened one day last year, as more than a dozen board members of a Baltimore substance abuse center had gathered around a conference room. The CEO was giving a PowerPoint…
South Shore Hospital won't provide individual notice. Do they have to?
Joseph Goedert has an interesting article on Health Data Management about the South Shore Hospital breach, focusing on whether South Shore Hospital is required, under HITECH, to notify individuals by postal mail or if they can use the “substitute notice” provisions under Massachusetts law. Goedert writes, in part: According to a new statement on…