Virginia Tech gunman Seung Hui Cho had been treated at the college’s counseling center before the shooting rampage in which he killed 32 students, contradicting earlier accounts of his psychiatric history, according to newly discovered mental health records located in the home of the center’s former director. According to a memo written by a university…
Baseball's Use of DNA Raises Questions
Confronted with cases of identity and age falsification by Latin American baseball prospects, Major League Baseball is conducting genetic testing on some promising young players and their parents. Many experts in genetics consider such testing a violation of personal privacy. Federal legislation, signed into law last year and scheduled to take effect Nov. 21, prohibits…
Nevada’s Security of Personal Information Law Post Two: The Breach Notice Requirements
From the FAQ provided by InfoSecCompliance: What triggers the security breach notice obligations under the Security Law? In order for the breach notice requirements to be triggered under the Security Law two general events must occur (with some sub-requirements discussed further below). First, there must have been a “breach of the security of the system…
HSBC fined for personal data loss
Three HSBC firms have been fined more than £3m for failing to adequately protect customers’ confidential details from being lost or stolen. The Financial Services Authority (FSA) said customer data had been lost in the post on two occasions. The firms concerned are HSBC Life UK, HSBC Actuaries and Consultants, and HSBC Insurance Brokers. […]…
UK: Patients' records may have been accessed by hackers
Hackers managed to infiltrate phone systems at a Bodmin hospital and St Austell doctors’ surgery and could have accessed confidential medical information about patients. Phone systems at Bodmin NHS Treatment Centre and Polkyth Surgery in St Austell were both hacked into by people trying to use the systems to make their own calls. Bodmin Treatment…
Multiple EHR certifying entities proposed
While people are kicking around certifying EHR systems, core issues of consent have not been adequately addressed. So what are we certifying — that System A will comply with laws and standards that stripped you of your right to control who has access to your electronic health records? Initial recommendations of the federal HIT Policy…