Friday, February 27, 2015

Two Plead Guilty to Using Bank Tellers to Steal Customer IDs

Two New York men have pleaded guilty to operating an identity theft ring that involved having bank tellers steal customer data.

Hundreds of customers at several banks in New York, Conneticut and Massachussets had their identities stolen. The theft ring used the information to create false IDs and withdraw money from accounts.

"Using data gained from tellers who cooperated in the ring, [they] stole personal information from hundreds of customers."
- American Banker
It seems the identity thefts were discovered by law enforcement rather than the banks. Financial services organizations seeking to proactively detect thefts of customers' identities can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Two Plead Guilty in New York Identity Theft Case - www.AmericanBanker.com, 01/20/2015

Wednesday, February 25, 2015

Hospital Employee Gulity of HIPAA Criminal Charges

For over one year, from from December 2012 through January 2013, a hospital employee in East Texas stole patients' identities with the intent to use them for person gain. He has been sentenced to eighteen months in federal prison for criminal HIPAA violations.

While to date prosecutors around the country have lodged few cases asserting criminal violations of HIPAA, attorneys say the health care industry's shift to electronic medical records (EHR) will present more opportunities for unauthorized access to protected health data (PHI) that will prompt more criminal actions in the years ahead.

"The conviction of a corporate entity [for HIPAA criminal charges] is certainly allowable and supported by the criminal penalties in the statute."
- James M. Jacobson, partner, Nutter McClellen & Fish
Although criminal prosecutions are expected to continue to focus on individual bad actors, attorney James M. Jacobson said it was not unreasonable to expect some corporate convictions in the next few years that center on “corporate policy or procedures being so lax or nonexistent that ultimately they enabled the rogue employee to act.” Organizations seeking to proactively detect data privacy breaches by employees and contractors can utilize low-cost on-demand SaaS analytics servcies.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Former Hospital Employee Sentenced for HIPAA Violations - www.Justice.gov, 02/17/2015
(b) HIPAA Criminal Charges To Gain Steam As Data Goes Digital - www.Law360.com, 08/14/2014

Tuesday, February 24, 2015

Class-action Patient Privacy Breach Suit to Move Forward

The Ontario Court of Appeal ruled that a class-action suit brought by patients of a local hospital can proceed. The patients allege $5.6 million in damages as a result of inappropriate access to their medical records.

The court said "There is no basis to exclude the jurisdiction of the Superior Court from entertaining a common law claim for breach of privacy and, given the absence of an effective dispute resolution procedure, there is no merit to the suggestion that the court should decline to exercise its jurisdiction." The court also found the hospital responsible for the plantiffs' $24,000 legal fees.

"...given the absence of an effective dispute resolution procedure, there is no merit to the suggestion that the court should decline to exercise its jurisdiction." - Court of Appeal
The case stems from the hospital announcing in the spring 2012 that 280 patients had their privacy breached and seven hospital employees were fired for accessing patient records they were not entitled to view.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) PRHC privacy lawsuit to go ahead - www.ThePeterBoroughExaminer.com, 02/18/2015

Monday, February 23, 2015

Financial Services Employee Steals Customer Data for ID Theft Ring

A Florida woman has been sentenced to ten years and one month in prison for her role in an identity theft tax refund fraud scheme (SIRF).

The woman conspired with several others to defraud the IRS by filing false and fraudulent income tax returns using the names and Social Security numbers she obtained from a relative who worked at a financial services institution. The identity theft ring filed 526 fraudulent returns claiming $5,063,954 in refunds and succeeded in obtaining more than $1.4 million from the IRS.

"[She] obtained the personal identifying information from a relative who had stolen the data from a financial institution where she worked."
- US Attorney's Office, Middle District of Florida
It seems the identity thefts were discovered by law enforcement, rather than the financial institution holding the personal identifying information (PII). Rather than learn about ID theft from third parties organizations can proactively detect identity theft and privacy data breaches with low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) FL: Identity Thief Sentence to More than 10 Years in Prison - www.DataBreaches.net, 01/30/2015

Friday, February 20, 2015

CEO Accused of Trade Secrets Data Theft

The former CEO of on oil and gas producer is being sued for allegedly stealing corporate trade secrets and using them to start a new company and attract investors.

The former employer is seeking the return of all confidential data as well as payment of compensatory and punitive damages.

"The complaint alleges that in his waning days as CEO he squirreled away massive amounts of data, containing “highly sensitive trade secrets.”."
- Forbes
Organizations don't need wait for a former employee to start a competing business to discover their trade secrets have been stolen. Organizations can utilize low-cost on-demand SaaS analytics services to not only proactively detect data theft by insiders but even predict that an employee is about to leave the company.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Chesapeake Sues McClendon, Alleging Theft Of 'Trade Secrets' - www.Forbes.com, 02/17/2015

Thursday, February 19, 2015

Meaningful Use Incentives Top $28B

The Centers for Medicare and Medicaid (CMS) have paid over $28 billion in meaningful use incentive payments to hospitals and healthcare professionals, according to Modern Healthcare.

Reportedly, payments surged late in 2014 because eligible professionals had to meet program requirements for electronic health records (EHR) by year end.

"127,815 eligible professionals had attested to meaningful use for 2014, including 25,312 new participants and 4,090 eligible hospitals had attested to meaningful use for 2014, including 304 new participants ."
-Centers for Medicare and Medicaid
While widespread use of EHRs is expected to improve healthcare delivery it also can increase the risk of breaches of patient privacy and theft of their identities. Organizations seeking to proactively detect data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) CMS Has Doled Out $28B in Meaningful Use Incentives - www.iHealthBeat.org, 02/18/2015

Popular Posts

Copyright © 2010-2011 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.