Nicole Gaouette reports: Patients’ advocates claimed victory in a battle over the privacy of health records as the U.S. Congress prepares to vote on the economic stimulus bill, which contains $19 billion for health-care information. U.S. House and Senate negotiators’ compromise reflects stricter standards that privacy advocates wanted for marketing, selling and disclosing health data….
UK: ICO takes enforcement action against Hastings and Rother PCT for data loss
From the press release (pdf) from the Information Commissioner’s Office (ICO): The Information Commissioner’s Office (ICO) has taken enforcement action against Hastings and Rother Primary Care Trust (PCT) following a breach of the Data Protection Act. This is the eighth time the ICO has taken enforcement action against an NHS organisation for breaching the Data…
Ca: Privacy commissioner may investigate City of Regina privacy breach
Joe Couture reports: Contrary to statements made by a City of Regina executive, the Office of the Saskatchewan Information and Privacy Commissioner has not yet decided whether or not to undertake a formal investigation into the breach of privacy announced by the city yesterday. Read more in the Leader-Post
UK: Busy Bees childcare voucher data leak plugged – Update
A UK child care voucher scheme has been taken off line after user Nick Gibbins found that the “web” application was exposing personal data for over one hundred thousand users. Gibbins found that the Busy Bees childcare voucher system was actually implemented using Citrix Metaframe, exporting the user interface from a Windows 2000 application to…
Deal leaves money, language on health IT mostly intact
Andrew Noyes reports: The compromise stimulus deal leaves much of each chamber’s proposed funding for health information technology intact, according to an overview circulated by House Speaker Nancy Pelosi on Wednesday and a preliminary summary of the compromise that was subject to change. […] The package would also expand federal privacy and security protections for…
Physician, heal thyself? Hackers continue exposing vulnerabilities in security firms’ databases
First it was Kaspersky. Then it was BitDefender Portugal. Today it’s F-Secure, but no personal data was accessible. F-Secure posted a response on their site: […] During the last few days a Romanian group has been doing SQL injection attacks on several security vendor’s websites and early this morning they hit us. One of our…