Tuesday, September 30, 2014

Health IT Salaries Above Average

Health IT continues to be one of the fastest growing careers. These professionals tend to earn a great salary, obtain job security and achieve a high level of job satisfaction, according to a 2014 survey by HealthITjobs.com.

The study found the mean salary for healthcare IT professionals is $89,879.43, with 30 percent also receiving an average bonus of $13,100.52. In addition, 80 percent of those working in the field are satisfied with their jobs.

"health IT professionals can earn a great salary, obtain job security and achieve a high level of job satisfaction."
- 2014 Health IT Jobs survey
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) 2014 HealthITJobs.com Salary Report - www.HealthITjobs.com, 09/28/2014

Monday, September 29, 2014

Schneier on Medical Record Theft, Fraud

Bruce Schneier has highlighted the issue of new types of fraud using stolen medical records for theft and fraud.
"I'm certain that criminals are looking for new ways to monetize stolen data." - Bruce Schneier
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Schneier on Security: Medical Records Theft and Fraud - www.Schneier.com, 09/23/2014

Friday, September 26, 2014

Criminal Charges for MD Who Breached Patient Privacy?

A physician in Canada is facing possible criminal charges for inappropriately accessing the files of 161 young women. In March and in August we posted information about this breach incident.

Based on an investigation and recommendations by New Brunswick's Privacy Commissioner Anne Bertrand, the hospital where doctor works has requested that law enforcement determine if criminal charges should be filed.

"[The physician] accessed the personal health information of 141 females between the ages of 13 and 39 without authorization over a 28 month period."
- Anne Bertrand, Privacy Commissioner, Canada
It is unclear why the privacy breaches occurred over such a long time period and the Privacy Commissioner recommended more frequent audits of access to patient records. Healthcare organizations seeking proactive breach detection can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Vitalité Health refers doctor privacy breach to RCMP - www.CBC.ca,09/23/2014

Thursday, September 25, 2014

Florida Man Sentenced for ID Theft, Tax Fraud

A North Miami man has been sentenced to 42 months in prison for using stolen personal identifying information (PII) from a medical staffing office and filing fraudulent tax returns. The loss amount is $305,500.

The PII from the medical staffing office included names, addresses, dates of birth, and social security numbers.

" [He] was in possession of 611 unique pieces of personal identifying information (PII) of others. Fraudulent tax returns were filed on behalf of at least 16 individuals whose PII was found in [his] residence."
- US Attorney's Office, Southern District of Florida
According to court documents, the ID thefts and tax refund fraud were discovered by law enforcement. Organizations seeking to proactively detect identity theft and privacy breach detection can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) North Miami Beach Resident Sentenced In Identity Theft Tax Fraud Scheme - www.PHIprivacy.net, 09/18/2014br />

Wednesday, September 24, 2014

Healthcare Employees Stole Patient Data?

An Kentucky medical group is investigating a data breach after learning that former employees allegedly stole information from about 3,000 patients.

Allegedly the employees stole the patient information three years ago. The medical practice believes they left to start their own business using the stolen information to contact patients to join them.

"[The medical practice] believes the employees left to start their own business using the stolen information to contact patients to join them."
- 14 News
It is unclear why it took three years to discover the breach. Healthcare organizations seeking proactive privacy breach detection, even by authorized users, can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Data breach at Owensboro medical practice - www.14NEWS.com, 09/23/2014

Tuesday, September 23, 2014

Health Analytics Market $20.8B by 2020

The market for healthcare analytics is expected to grow to $20.8 billion, according to IQ4I Research & Consultancy. Fifty-four percent of senior information technology executives at some of the largest U.S. health systems ranked analytics as their ranked highest IT priority.

Driving this growth are federal mandates, the emergence of big data, aging populations, and the pervasiveness of chronic diseases.

"Senior information technology executives at some of the largest U.S. health systems which found that analytics ranked highest in terms of their respective IT priorities. ."
- Health Data Management
Some are concerned that market grow will be hampered by lack of labor with analytics skills and lack of data confidentiality. Organizations can address both these issues with low-cost on-demand SaaS analytics services.
Learn how Veriphyr Identity and Access Intelligence delivers business insights - with no hardware and no on-site software.
Sources:
(a) Healthcare Analytics Market to Reach $20.8B by 2020 - www.HealthDataManagement.com, 09/24/2014

Monday, September 22, 2014

Insider Patient Privacy Breach Lasted Two Years

An employee of a company which provides hospital physician staffing inappropriately accessed patient information over a two year period, from Sept. 13, 2012 , through June 9, 2014.

Almost 83,000 patients were affected by this breach according the the Department of Health and Human Services (HHS). The information the employee accessed included patient names, dates of birth and Social Security numbers.

"[A company] which provides hospital physician staffing and related services, says that an employee inappropriately accessed the patient information from Sept. 13, 2012 , through June 9, 2014." - PHIprivacy.net
It is unclear why the breaches were allowed to occur for a two year period. Healthcare organizations seeking to proactively detect inappropriate access, even by authorized users, can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Insider Breach Spanned 2 Years - www.HealthInfoSecurity.com, 09/17/2014

Friday, September 19, 2014

Bank Teller ID Theft Ring Broken

Three NY bank tellers have been arrested for allegedly accessed and stealing account numbers and Social Security numbers of hundreds of unsuspecting customers, according to New York Attorney General Eric Schneiderman. The identity thefts resulted in $850,000 in fraud over a four year period.

The stolen information was allegedly given to two co-conspirators who created fake documents so that money could be withdraw from victims' accounts.

"Bank tellers have access to our most sensitive financial information and we must be able to trust that our data will remain safe and secure."
- New York Attorney General Eric Schneiderman
It is unclear why the identity thefts went on for four years. Organizations seeking to proactively detect identity theft and privacy data breaches can utilize low cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) ID Theft Ring Targeted Bank Customers - www.BankInfoSecurity.com, 09/17/2014

Thursday, September 18, 2014

Hospital Insider Fined for Privacy Breach

A Canadian woman has been fined for breaching the privacy of 1,000 hospital patients. She is the first person to be convicted under the province's personal health information act.

While working at the hospital as an accounting clerk the woman inappropriately accessed patient files. "The affect of the breach is far reaching by the accused by mindless meddling into personal affairs," stated the judge.

"[She] accessed more than 1,000 patient files at [the hospital] while working there as an accounting clerk until 2012." - CBC News
It is unclear why the breaches went on for almost a year. Healthcare organizations seeking to proactively detect privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Donna Coburne Fined in Western Health privacy breach - www.CBC.ca, 09/11/2014

Wednesday, September 17, 2014

Insurance Company Insider Arrested for ID Thefts, Tax Fraud

A Florida insurance company employee has been indicted for an identity theft tax fraud scheme.

The woman is alleged to have stolen the identities of clients and then with a co-conspirator filed fraudulent tax returns. She faces multiple years in prison if convicted.

"[She] is alleged to have acquired the identification of others through her employment by an insurance company." - US Attorney's Office, Middle District Florida
It is unclear who discovered the identity thefts. Organizations seeking proactive detection of identity thefts and privacy data breaches can utilize low-cost on-demand SaaS analytics.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) FL: Two Arrested In Identity Theft And Tax Refund Scheme - www.DataBreaches.net, 09/16/2014

Tuesday, September 16, 2014

Woman Sentenced for Role in ID Theft, Tax Fraud

A Mississippi woman, who in March 2014 pleaded guilty to her role in an identity theft and tax refund fraud scheme, has been sentenced to 30 months in prison as well as to pay restitution of $27,579.65.

The woman, along with her co-conspirators, used identities stolen from a medical center as well as a state correctional institution to file fraudulent tax returns.

"[She] pled guilty to her role in a conspiracy to file fraudulent federal income taxes using the social security numbers and dates of birth which had been stolen from [a medical center and a state correctional facility]."
- U.S. Attorney’s Office, Southern District of Mississippi
It is unclear who discovered the ID thefts and tax frauds. Organizations seeking to proactively detect identity thefts and privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Mississippi woman sentenced for role in stolen identity fraud case - www.DataBreaches.net, 09/13/2014r />

Monday, September 15, 2014

Bank Employee Sentenced for Insider ID Theft, Tax Fraud

A Financial Services Representative at Florida bank, along with her co-conspirator, were sentenced for an identity theft and tax refund scheme.

According to court documents, she opened fraudulent accounts at the bank with stolen identification information obtained from her co-defendant. Stolen U.S. Treasury checks were deposited into the accounts, and funds were withdrawn via check card purchases,

"as a Financial Services Representative [she] opened fraudulent accounts with stolen identification information obtained from a co-defendant."
- US Attorney's Office, Southern District Florida
It is unclear how the ID theft tax refund fraud scheme was discovered. Organizations seeking to proactively detect identity theft and privacy data breaches can utilize low-cost on-demand SaaS analytics services.
Learn how to proactively detect identity theft and unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Update: Former TD Bank Employee And Co-Defendant Sentenced In Identity Theft Tax Fraud Scheme - www.DataBreaches.net, 09/11/2014

Friday, September 12, 2014

National Health IT Week, 9/15-9/19

From Sept. 15-19, 2014, healthcare industry and policy stakeholders will convene in Washington DC for the Ninth Annual National Health IT Week, a collaborative forum for public and private healthcare constituents to discuss the value of health information technology (IT) for the U.S. healthcare system.

Throughout the week, the Health Information Management System Society (HIMSS) will host a robust line-up of events and activities for reporters and the public centered in the nation’s Capital.

"Health IT—specifically electronic health records (EHRs)--improve the quality of healthcare delivery, increase patient safety, decrease medical errors, and strengthen the interaction between patients and healthcare providers."
- Healthcare Information and Management Systems Society (HIMSS)
Learn how to proactively detect identity thefts and patient privacy data breaches, even by authorized users - with no hardware and no on-site software.
Sources:
(a) National Health IT Week - www.NationalHealthIT.org, 09/11/2014

Thursday, September 11, 2014

Policewoman Fired for Breaching Data Protection Act

A UK policewoman has lost her job for using the police database for her personal use. She has also been fined over £3000.

Her actions were violations of the Data Protection Act as well as Metropolitan Police regulations.

"The offences occurred between August 24, 2012 and April 29, 2013 where she used police computer systems for personal use in breach of the law and Metropolitan Police regulations." - Get West London News
It is unclear why the breaches went on for a year or how they were discovered. Organizations seeking proactive detection of data privacy breaches can utilize low-cost on-demand SaaS analytics services.
Download a white paper on privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Hammersmith and Fulham policewoman fired after breaching police data act - www.GetWestLondon.co.uk, 08/26/2914

Wednesday, September 10, 2014

Cops Accessed Confidental Databases for Dating?

Two California policemen are being investigated for possible felony conduct for inappropriately accessing confidential law enforcement databases to screen women they found appealing on online dating sites.

The men allegedly misused the California Law Enforcement Telecommunications System database, which connects to the Department of Motor Vehicles, as well as state and federal law enforcement records.

"...possible felony conduct relating to their trolling of personals dating websites while on duty and possibly using confidential law enforcement databases repeatedly to screen women they found appealing." - The Daily Republic
The suspected inappropriate use investigation was initiated because a fellow officer reported to his superiors that some of his peers were misusing law enforcement databases. Organizations seeking to proactively detect inappropriate access, rather than learn about it from third parties, can utilize low-cost on-demand SaaS analytics services.
Download a white paper on identity theft and privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Fairfield cops under investigation for possible database checks on potential dates - www.DailyRepublic.com, 09/10/2014

Tuesday, September 9, 2014

Nurse Awaiting Sentencing for Patient Identity Thefts

In June, an Albany New York nurse and her boyfriend pleaded guilty to stealing multiple patient identities and using them to open fraudulent credit card accounts.

The boyfriend has just been sentenced up to 15 years in prison and the nurse will be sentenced soon.

"the [nurse] stole patient identities over the course of a year and then she and boyfriend applied for multiple credit cards and made purchases using those identities."
- PHIprivacy.net
It is unclear who discovered the patient identity thefts which occurred over a one year period. Healthcare organizations seeking to proactively detect identity theft and privacy breaches can utilize low-cost on-demand SaaS analytics services.
Download a white paper on patient identity theft and privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Sentencing in Albany Medical Center breach prosecution - www.PHIprivacy.net, 08/25/2014

Monday, September 8, 2014

Veriphyr CEO to Speak at Society of Compliance and Ethics Institute

Alan Norquist, CEO of Veriphyr, has been invited to speak at the 13th annual Society of Compliance and Ethics Institute in Chicago, September 14-17th. The SCCE is the primary education and networking event for the international compliance and ethics community.

Identity theft and privacy breaches by insiders is in the news almost daily. Norquist will demonstrate how detective controls, such as Identity and Access Intelligence, discover data theft by insiders or intruders posing as insiders. Alan Norquist will also review recent legal trends related to data breaches as well as deliver a tutorial on techniques attendees can utilize to detect identity thefts and privacy breaches at their organizations.

"SCCE's Annual Corporate Compliance & Ethics Institute is the primary education and networking event for the international compliance and ethics community."
About SCCE’s 13th Annual Compliance Institute

SCCE’s 13th Annual Compliance Institute will take place on Sunday, September 14th thru Wednesday, September 17th. SCCE's Annual Compliance & Ethics Institute is the primary education and networking event for the international compliance and ethics community. This four-day conference will help strengthen organizations’ compliance or ethics programs with the latest strategies. Tracks and sessions address classic and developing issues in regulatory compliance, enforcement and program management. The programs will include thought-provoking keynote addresses by industry leaders, panel discussions on the most relevant topics of the day, and presentations delivered by executives of leading public and private organizations.

About Veriphyr

Veriphyr uses patent-pending analytics to pinpoint identity theft and privacy breaches by insiders. The company is led by executives from Cambridge Technology Partners, Imperva, and BillPoint. For more information, visit www.veriphyr.com.

Download a white paper on identity theft and privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) SCCE's Annual Compliance & Ethics Institute - www.ComplianceEthicsInstitute.org, 09/07/2014

Friday, September 5, 2014

Healthcare Provider Employee Stole Patient IDs?

A California healthcare provider is notifying patients that a former employee may have stolen their personal identifying information (PII).

The data that may have been breached includes one or more of the following: name, email address, telephone number, Social Security number, provider information, insurance information, date of birth, and address. Law enforcement, who discovered the privacy breach, believes this information may have been misused by participants in an identity theft ring.

"The [California] organization learned from local law enforcement of an ongoing criminal investigation of a former temporary employee...with the suspicion of [patients'] identity theft."
- IT Business Net
Unfortunately, this is another case where law enforcement, rather than the organization holding the PII, discovered the insider thefts. Organizations seeking to proactively detect breaches can utilize low-cost on-demand SaaS analytics services.
Download a white paper on identity theft and patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) California Healthcare Provider Acts to Notify Individuals of Potential Personal Information Access Related to Former Employee - www.ITbusinessnet.com, 08/29/2014

Thursday, September 4, 2014

Hospital Employee Breaches Patient Privacy for 6 Years

Over a six year period, a clinical employee of a Texas hospital inappropriately accessed 10,604 patient medical records, including names, addresses, dates of birth, and in some cases Social Security numbers.

On July 7, 2014, when the hospital learned of the breaches of patient identities, they terminated the employee's position and began an investigation.

"[the] clinical employee accessed 10,604 patients' electronic medical records outside of the employee's normal job duties from December 2007 to July 2014."
-Hospital officials
It is unclear why the privacy breaches went on for so long and how they were discovered. Healthcare organizations seeking to proactively detect identity theft and privacy breaches, even by authorized users, can utilize low-cost on-demand SaaS analytics services.
Download a white paper on identity theft and patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Memorial Hermann notifies patients of privacy breach - www.KHOU.com, 08/29/2014

Wednesday, September 3, 2014

Employee Sentenced for Insider ID Thefts, Fraud

A former employee of a state correctional facility was sentenced to 20 months in prison for conspiracy to defraud the United States.

She had pleaded guilty to stealing personal identifying information (PII) and giving it to co-conspirators who filed fraudulent tax returns.

" [She] previously pled guilty to stealing personal identifying information, including names and social security numbers, from the [state] Correctional Facility ." - US Attorney's Office, Southern District of Mississippi
It is unclear over what period of time the thefts of PII occurred and who discovered them. Organizations seeking to proactively detect identity thefts and privacy breaches can utilize low-cost on-demand SaaS analytics services.
Download a white paper on identity theft and privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Mississippi woman sentenced for her role in stolen identity fraud case - www.DataBreaches.net, 08/29/2014

Tuesday, September 2, 2014

Privacy Class Action Suits on the Rise

Class action lawsuits related to privacy breaches are on the rise in the US and Canada. With the certification in Canada of Evans v. The Bank of Nova Scotia, the newly introduced "tort of intrusion upon seclusion has become another weapon in the arsenal for the class action plaintiffs’ bar."

The tort of intrusion upon seclusion emerged in Ontario in Jones v. Tsige, a case involving a bank employee who accessed a colleague’s personal information for her own purposes. There are three key features of the tort: the alleged conduct must be intentional and reckless; the defendant must have unlawfully invaded the plaintiff’s privacy; and the invasion must be offensive, humiliating or anguishing.

"When you have a class as big as 500,000 class members, $5,000 in nominal damages times 500,000 or 600,000 could actually be a pretty hefty damage award."
- Molly Reynolds, litigator, Torys LLP
Molly Reynolds, a litigator with Torys LLP, thinks these cases will send a message to organizations holding personal data. She said they need to be sure "they’re minimizing employees’ access to records that they don’t need for the purposes of their job and probably supplementing their ability to monitor whether employees are misusing their internal systems." Such monitoring of access to data can be accomplished with low-cost on-demand SaaS analytics services.
Download a white paper on identity theft and privacy breach detection. Learn how to proactively identify unauthorized breaches of data privacy, even by authorized users - with no hardware and no on-site software.
Sources:
(a) Focus: Privacy Class Actions on the Rise - www.TheLawTimes.com, 09/02/2014

Popular Posts

Copyright © 2010-2017 by Veriphyr Incorporated, All Rights Reserved.

Contact us at Veriphyr.com.