NIST has released its draft Interagency Report (IR) 7497, Security Architecture Design Process for Health Information Exchanges (HIEs), which is intended: to provide a systematic approach to designing technical security architecture for the exchange of health information that leverages common government and commercial practices and that applies them specifically to the HIE domain. This…
Medicare Launches Medicare Personal Health Record Choice Pilot
The Centers for Medicare & Medicaid Services (CMS) today announced the launch of the Medicare PHR Choice Pilot in Arizona and Utah. This pilot program will offer beneficiaries with Original Medicare the opportunity to choose one of the personal health record (PHR) products offered by the companies selected for the pilot. PHRs will allow beneficiaries…
UK: Cards compromised in petrol station fraud
More than 40 debit and credit cards have been compromised at a service station in Northamptonshire. About 45 people have had their bank cards compromised after using them to buy goods and services at the Shell Service Station on the A5 at Paulerspury near Towcester. Shortly after the cards were used at the station, they…
OR: Stolen computer contains participants’ personal information
A laptop computer containing data files for Youth Transition Program (YTP) participants was stolen from a University of Oregon employee near the end of October, and some of those files contained the names and social security numbers of YTP participants. The theft appeared to be random and the computer was password protected. There is no…
Additional information on the Wyndham breach
As a follow-up to the blog entry on a hack of Wyndham, a copy of their October notification sent to at least one state attorney general is now available online. That notification indicates that: In mid-September, a WHR [Wyndham Hotels and Resorts] data center administrator detected unusual activity on one of the company servers located…
And yet 21 more breaches we didn’t know about
Thanks to Dave Shettler of OSF, 131 breach reports submitted to Maine in 2008 are now uploaded and available to the public as primary sources. Our efforts to obtain more breach reports under FOI continue, but OSF could really use some volunteers to help enter all of the newly acquired records in the database. If…