KCRA reports: Information regarding approximately 15,000 Kaiser Permanente patients, including about 4,000 people in the Sacramento area, was stolen in December, the organization said Tuesday. Names and medical record numbers — and in some cases age, gender, phone number and general information regarding their medical care — were taken Dec. 1 when an external electronic…
Health Net reports yet another breach
To add to Health Net’s data protection woes, on January 6, it notified the New Hampshire Attorney General’s Office that on September 9, it learned that a report sent electronically to one of its general insurance agents mistakenly contained information belonging to Health Net members who were not clients of that agent. The personal information…
New Chinese Tort Liability Law Contains Provisions Affecting Personal Data
Hunton & Williams provide more details on the newly passed Chinese tort law: Certain of its provisions relate, expressly or in a general sense, to personal information. These provisions can cause data users to incur liability to data subjects for the mishandling of personal information. In particular: The law (at Articles 2 and 6) states…
MGH scandal continues
Hannah Clay Wareham reports: The debacle beginning in March 2009 with the loss of confidential patient records on a Red Line train continues in the new year with allegations of harassment against Massachusetts General Hospital staff. […] Soon after Jacob received the administrative assistant’s e-mail, Jacob says an anonymous caller alerted him to the appearance…
ISP operators among 19 arrested in cyber-fraud case
Robert McMillan reports on the indictment recently reported here that involved raids on some Dallas businesses back in April. You can read his coverage on Computerworld.
UK: Data breaches to incur up to £500,000 penalty
New powers, designed to deter personal data security breaches, are expected to come into force on 6 April 2010. The Information Commissioner’s Office (ICO) will be able to order organizations to pay up to £500,000 as a penalty for serious breaches of the Data Protection Act. The ICO has produced statutory guidance about how it…