Mary Ann Roser reports: An Austin lawyer threatened to pursue a new federal lawsuit Monday after learning that some newborn blood samples in Texas went to the U.S. military for potential use in a database for law enforcement purposes. The Department of State Health Services never mentioned the database to Jim Harrington, director of the…
22 charged in NY identity fraud ring
Authorities announced charges Tuesday against 22 people involved in an alleged identity theft ring. Seven of them, including two New York City-based employees of the Department of Motor Vehicles, allegedly sold more than 200 New York state driver’s licenses and other identification documents in stolen identities, netting more than $1 million. In addition, 15 customers…
Ninth Circuit addresses "actual damages" under the Privacy Act
I posted this yesterday to PogoWasRight.org but then it dawned on me today that since this involved medical information, I should have posted it here, too: A new ruling from the Ninth Circuit in Cooper v. FAA addresses the meaning of “actual damages” in the Privacy Act. The case arose when federal agencies shared information…
Ca: Alarming breach in privacy investigated at London school
An armload of personal documents — health records and criminal record checks among them — was found carelessly tossed out by a private vocational school in London, an alarming breach of security, the school’s director says. The bulk of the documents included criminal record checks, transcripts, diplomas, doctors’ notes, immunization and vaccination forms, health card…
Another business sues its bank over unauthorized ACH transactions
Brian Krebs on another case where a business is suing its bank over unauthorized transactions that were not credited or reversed by the bank: On Feb. 10, Hudson, N.H. based Cynxsure LLC received a voicemail message from its bank, Swift Financial, a Wilmington, Del. institution that focuses on offering financial services to small businesses. The…
HHS starts to reveal healthcare breaches reported to government
When HITECH was passed as part of the stimulus bill, it introduced new data breach notification requirements, including a requirement that breaches of unsecured personal health information held by covered entities or their business associates affecting more than 500 individuals be reported to the U.S. Department of Health & Human Services. The requirement was somewhat…