Tuesday, October 21, 2014

Hospital Insiders Breach Toronto Mayor's Privacy

Two hospital employees breached Toronto Mayor Rob Ford's privacy by snooping in his medical records, according to the hospital where he was treated.

In Canada it is a Personal Health Information Protection Act offence to collect, use or disclose personal health information, said acting information and privacy commissioner of Ontario Brian Beamish. Any individual found guilty of the offence can be fined up to $50,000 and any organization, up to $250,000

"Two hospital staff members breached privacy when they “inappropriately accessed” Mayor Rob Ford’s health records." - Hospital spokesperson
The hospital reported that an audit discovered the breaches. While it is not uncommon to closely monitor access to VIP medical records monitoring of access to every patient is not as widespread. Healthcare organizations can monitor access to all patient records, by all staff, with low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Mayor Rob Ford's privacy breached, hospital says - www.TheStar.com,10/16/2014

Monday, October 20, 2014

Police Chief Sentenced for Data Privacy Breach

An Ohio police chief pleaded guilty to misusing the Ohio Law Enforcement Gateway to obtain information on people for purposes unrelated to law enforcement. The online secure network shares criminal-justice data among law-enforcement agencies, and is supposed to be used only for official business.

He was sentenced to six months in prison, suspended to a year’s probation for unauthorized use of property. According to the Ohio attorney general, this former police chief can never again be a sworn officer in the state.

"The police chief...misused the Ohio Law Enforcement Gateway to obtain information on people for purposes unrelated to law enforcement." - The Columbus Dispatch
It is unclear how these breaches were discovered. Organizations seeking to proactively detect privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Former Laurelville police chief gets probation for system snooping - www.ColumbusDispatch.com,10/17/2014

Friday, October 17, 2014

Update on Class Action Lawsuit for Hospital Privacy Breaches

This is an update regarding the class action lawsuit against a Tennessee based hospital group for a breaches of patient privacy.

The hospital's data breach compromised personal patient information including names, addresses, credit card numbers and Social Security numbers. The plantiffs' attorney attorney has said the hospital was "also slow to detect the breaches and take corrective acction."

"[The hospital] was also slow to detect the breaches and take corrective action."
- Turner W. Branch, senior partner of the Branch Law Firm
Healthcare organizations can counter such charges by utilizing low-cost on-demand SaaS analytics services to rapidly detect privacy data breaches.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Class action lawsuit filed against CHS - www.Clinical-Innovation.com, 10/10/2014

Thursday, October 16, 2014

Board Member Leaked Student Data to Mental Health Provider

A Virginia School Board member leaked disciplinary files on at least 20 students to a vendor that provides mental health services.

Reportedly, some at the school were not aware that board members could access student records. The school district is conducting a full investigation of the breach and notifying parents of the students' involved.

"Student records are not public records...they contain not only education information but health information as well."
- Bill Bosher, former school superintendent
The breach of confidential student information was discovered by a third party. Organizations seeking to proactively detect privacy data breaches, even by authorized users, can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Top Opinion System Must Protect Student Privacy - www.TimesDispatch.com, 10/12/2014


Wednesday, October 15, 2014

HHS Names Savage as ONC Chief Privacy Officer

The Department of Health and Human Services (HHS) has named Lucia Savage, Esq. as the new chief privacy officer of the Office of the National Coordinator for Health IT (ONC).

Ms. Savage currently is a senior associate general counsel at insurer United Healthcare. In her role at the ONC she will provide advice to HHS and ONC on developing privacy and security programs to carry out mandates in the HITECH Act. The post will also help set privacy and security programs as ONC moves into post-HITECH initiatives.

"Savage] brings to our team a set of rich experiences at the intersection of health information, privacy, and modernizing the health care delivery system."
- Karen DeSalvo, ONC National Coordinator
"She has stellar qualifications and a passion for health IT. ... I am confident that she will bring her wealth of experience to advance critical privacy and security policies in health IT development and implementation," according to ONC head Karen DeSalvo.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) HHS Names New ONC Privacy Chief - www.HealthcareInfoSecurity.com, 10/14/2014

Tuesday, October 14, 2014

Hospital Faces Class Action Suit for Privacy Breach

A data privacy breach in August has a Tennessee based hospital chain facing a class action suit in New Mexico and six other states. "As a result of the defendants' failure to implement and follow basic security procedures, plaintiff's sensitive information is now in the hands of thieves,” according to the suit.

Usually plantiffs have to prove direct harm as the result of a data breach but hospitals might be concerned about a the precedent set by a class action suit last year against a healthcare plan.

"The problem is that personal information doesn't change. The repercussions of this event could be felt for years."
- Paula Knippa, Slack & Davis, plantiffs' attorney
Healthcare organizations seeking proactive detection of data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Community Health Systems faces data-breach class action - www.ModernHealthcare.com, 10/13/2014

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.