A second former State Department employee pleaded guilty today to illegally accessing hundreds of confidential passport application files, Acting Assistant Attorney General Matthew Friedrich of the Criminal Division announced. Dwayne F. Cross, 41, of Upper Marlboro, Md., pleaded guilty before U.S. Magistrate Judge John M. Facciola in U.S. District Court for the District of Columbia…
Frequently Asked Questions About Family Medical History Information
The U.S. Department of Health and Human Services • Office for Civil Rights has updated its FAQ. 1. Does the HIPAA Privacy Rule limit an individual’s ability to gather and share family medical history information? No. The HIPAA Privacy Rule may limit how a covered entity (for example, a health plan or most health care…
Seventh Day Adventist Church laptop with retirement plan data stolen
On December 13, a laptop computer assigned to an employee of the North American Division of Seventh-day Adventists Retirement Plans was stolen. The computer contained personal information including names and Social Security numbers on 292 residents of New Hampshire; the total number of individuals affected was not reported [pdf]. The laptop was recovered four days…
Innodata Isogen employee data on stolen laptop
Another day, another laptop stolen from an employee’s vehicle. This time, it was Innodata Isogen, who informed the New Hampshire Attorney General that on December 23, a laptop and benefit plan enrollment sheets were stolen from an employee’s car in Wayne, New Jersey. The laptop and benefit plan enrollment sheets contained personal information such as…
Thief steals Continental Airlines laptop with biometric and other personal data
Sometime between December 31 and January 2, a laptop was stolen from a locked Continental Airlines’ office in Newark. The laptop contained personal information on employees, vendors, and new hire candidates. The laptop, which was used for background security checks, contained confidential files on 230 individuals, including their names, Social Security numbers, fingerprint images, dates…
Former Occidental Petroleum employees’ data in security breach
Through its attorneys, Occidental Petroleum Corporation notified the Vermont Attorney General’s office of a breach that was discovered on December 11th. A former employee in Tulsa “accessed and mishandled” personal information by emailing a spreadsheet containing information on former employees to a personal email account. The former employees’ data included names, addresses, birthdates, employee identification…