From the press release (pdf) from the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has found Manchester City Council in breach of the Data Protection Act after the theft of two laptop computers from the Town Hall, one of which contained personal details relating to 1,754 employees at local schools. Neither of the laptops…
AL: Medical records discovered in garbage truck, landfill
Hundreds of medical files with personal and medical details were found in and around a garbage truck at a landfill in Montgomery, Alabama. The records were marked, “Radiology Department, Baptist Medical Center.” Baptist Health uses a third party for some of its record disposal, and a spokesperson said that they are investigating the matter. Source:…
IN: Loan paperwork discovered in Mishawaka shopping center trash
Jim Meenan of South Bend Tribune reports that 80 files containing detailed personal and financial information on loan applications were found in a dumpster: There, right before his eyes, were files of loan applications, complete with names, Social Security numbers and even bank account numbers. Some files were thin, about 10 pages, others an inch…
Case shows need to review privacy laws' effect on safety
Tayler Andrews would have turned a year old last week, on June 16. It was a difficult day for his grandmother and grandfather. They fretted, mourned and re-asked themselves a lot of questions. Why couldn’t we stop it? Why did no one help? Why didn’t anyone listen? You probably recall the recent, sad stories in…
NYS tax department worker pleads not guilty to ID theft
This incident was originally reported in April 2009, but the Associated Press provides additional details on what investigators found. Walter Healey, the former employee, pleaded not guilty on Wednesday on four counts of identity theft, unlawful possession of personal identification, tampering with public records and official misconduct.. Last year, another employee noticed irregularities in packages…
PCI-DSS: Not on health care provider's radar
Health care providers are certainly no stranger to data privacy and security standards related to protected health information (PHI). Although these providers and their respective organizations are well versed in rules, policies and requirements of HIPAA, few are aware that the PCI-DSS rules apply to their businesses and even fewer are compliant. When HIPAA compliancy…