The Colorado Mental Health Institute at Pueblo has found that one of its staff members has been tricked by a phishing scam that possibly allowed the attacker to gain access to the protected health information […]
It is a common misconception that the General Data Protection Regulation (GDPR), which comes into force on May 25th 2018, only applies to businesses and organizations which are based within the EU and that international […]
A Reno-based dental practice in has been hit by a ransomware attack that denied access to dental records and images for five days. The malicious software was installed, during a ransomware attack on October 30, […]
When the General Data Protection Regulation (GDPR) comes into force, in May 2018, its protections will apply to any individual who is living in the EU at the time. This means that any business that […]
Almost 10,000 patients of Columbus Surgery Center, LLC and Eye Physicians, P.C., in Columbus, Nebraska have been impacted by a ransomware attack. The ransomware attack was carried out on October 7, 2017 and hit a […]
Any business which employs more than 250 people, and processes personal data, is required to have a Data Protection Officer (DPO) under GDPR rules. Businesses will need to be compliant with this rule once the […]
The introduction of the General Data Processing Regulation (GDPR), on 25 May, 2018, will regulate the way different member states of the EU deal with the protection of personal data of individuals in the EU. […]
If you think that your company will not be subject to the General Data Protection Regulation (GDPR) because it is not based in a country within the European Union (EU), you may be in for […]
The protected health information of 1,750 patients of Austin Manual Therapy (AMT) may have been accessed and stolen by a criminal who gained access to the group’s system. A forensic review by a leading national […]
The simple answer to the question, “does GDPR apply to employees?”, is that yes it does. Businesses cannot only think about complying with the General Data Protection Regulation (GDPR) in respect of clients, it applies […]
Patients of MidMichigan Medical Center (MMC) in Alpena have been warned of a potential breach of their health data. On November 18, a MMC cardiologist took patient files from the Alpena cardiology office without permission. […]
Under the current European Data Protection Directive, consent is a legally required to hold and process personal data. This will continue to be the case with the introduction of the General Personal Data Regulation (GDPR). […]
NYU Langone Health System has found that files that included a log of presurgical insurance authorizations, relating to around 2,000 patients, was mistakenly recycled by a cleaning company in October 2017. Data in the binder included […]
Disturbing news coming from the US is that a recent survey conducted by HyTrust, security solutions specialists, showed that almost 80% of respondents were not prepared for the introduction of the General Data Protection Regulation […]
Two serious breaches of patients’ protected health information have been discoveredd in Texas and Pennsylvania. Email Account Compromised at Midland Memorial Hospital Midland Memorial Hospital has suffered a breach of a a number of patients’ protected […]
Currently the Personal Information Protection and Electronic Documents Act (PIPEDA) is in place, to ensure the free flowing of personal data from companies within the EU to companies in Canada and vice versa. It is […]
Many data breaches have been reported by HIPAA-covered entities, involving the loss or theft of physical records, in the past two months. In November, seven violations involving paper records were made known to the HHS’ Office […]
Data protection has become an ever more important issue as use of the Internet has grown. The more data that is collected online, the more potential there is for the data to be compromised. For […]
The Oklahoma Department of Human Services experienced, in April 2016, a data breach, and while alerts were sent to affected people and the DHS’ Office of Inspector General shortly after the breach was found, a breach […]
Click to view infographic You have more than likely heard about the General Data Protection Regulation (GDPR), but you may not know how it is going to affect your business, and what it means for […]
UNC Dermatology & Skin Cancer Center has discovered that one of its laptop computers has been stolen, exposing the protected health information of around 24,000 patients. The computer was obtained by unauthorized individuals in a […]
Two employees at Chicago’s Sinai Health System have had their email accounts compromised in a recent cyberattack. Sinai Health System reports that the phishing attack happened on October 2, and that it was quickly discovered […]
The New Jersey-based Hackensack Sleep and Pulmonary Center, experts in sleep disorders and pulmonary conditions and diseases, has suffered a ransomware attack that in the protected health information of certain clients being encrypted. The ransomware […]
The General Data Protection Regulation (GDPR) will come into force on May 25, 2018 and many are wondering how it will work with existing privacy arrangements, such as the Privacy Shield. One of the stipulations of […]
Many people make the mistake of believing that the upcoming General Data Protection Regulation (GDPR) only applies to businesses and organisations that are based within the EU. This is not the case. GDPR applies to […]
The Netherlands Government has progressed its GDPR Implementation Billto face a vote before Parliament. The focus f the bill is to prepare and achieve compliance with the oncoming General Data Protection Regulation (GDPR) which becomes […]
Louisville, KY based Baptist Health has contacted 880 patients that some of their protected health information may have been obtained by by hackers. The PHI violation was found on October 3, 2017, when irregular activity […]
The Henry Ford Health System has started alerting almost 18,500 patients that some of their protected health information may have been been accessed by an unauthorized person. The breach was found on October 3, 2017 […]
The discovery has been made that the medical records of 769 patients of Lowell General Hospital in Massachusetts have been accessed by an employee without any valid work reason. In accessing the medical details, the […]
When you first think about GDPR and employee engagement, they may not seem as though they are related in any way. However this is not the case. There is actually a strong connection between the […]
A provider of mental health treatment and support services for individuals with intellectual and developmental disabilities, Center for Health Care Services (CHCS), has foudn that documents containing the protected health information of patients have been […]
Paper files with information including names, Social Security details, and medical records, along with details of cancer diagnoses and sexually transmitted diseases (STDs), have been found at a recycling center in Allentown, Pennsylvania. The files […]
The Data Privacy Directive was originally adopted in 1995, as a means of regulating the way personal data was dealt with in EU member states. Since the EU Data Privacy Directive was introduced, much has […]
The first thing to say is that the General Data Protection Regulation (GDPR) does not provide specific rules for the handling and archiving of emails, but it does make a big difference to the way […]
You only need to look at the results of surveys by Exchange Wire, Calligo and McAfee, among others, to see that many data professionals, and their organisations, are not fully prepared for the General Data […]
A breach of patients’ protected health information (PHI) at the UAB Medicine Viral Hepatitis Clinic in Birmingham, AL has been discovered. UAB Medicine uses flash drives to send data from its Fibroscan machine to another computer. […]
Under the existing Data Protection Directive – which will be replaced by the General Data Protection Regulation (GDPR) on May 25 – companies and organisations are not authorized to retain or continue processing personal data […]
In order to process personal data in compliance with GDPR a legal basis is mandatory. Consent is but one of the 6 Legal Bases for processing personal data under the GDPR. With regard to the […]
ShopRite Supermarkets, Inc., has revealed that some of its clients have been impacted by a security breach following the improper disposal of a device used to record customers’ signatures. The device was stolen from the […]
Once the General Data Protection Regulation (GDPR) comes into play, in May 2018, it will be possible for any organisation that does not comply to be fined as much as 4% of annual turnover, or […]
Sports Medicine & Rehabilitation Therapy (SMART) has made contact with 7,000 patients to advise them of a violation of their protected health information. The breach has have affected all patients whose information was captured while […]
Recently published, the second draft of the revised NIST Cybersecurity, Version 1.1 of the Framework, incorporates major changes to some of the current guidelines and many new additions. Version 1.0 of the NIST Cybersecurity Framework […]
It’s just a few months until businesses and companies need to comply with the General Data Protection Regulation (GDPR). The new rules come into play on 25 May 2018. But, if recent surveys are anything […]
Legal tech firm Axiom reported that its research had shown that FTSE 100 and Fortune 500 companies could end up paying around £800 million in order to scrutinise contracts, to ensure compliance with the General […]
A HIPAA Administrative Simplification Optimization Project Pilot is being operated by The Department of Health and Human Services is currently inviting volunteers to have compliance audits. The focus of the project is to streamline HIPAA […]
Cottage Health will pay $2 million to settle a number of HIPAA violations in relation to state and federal laws. The group, located in Santa Barbara, was reviewed by the California attorney general’s office due […]
Businesses that are as yet unprepared for the introduction of the General Data Protection Regulation on May 25th may want to know what the GDPR penalties are, how they are enforced and what other consequences […]
The General Data Protection Regulation (GDPR) is just around the corner, but recent surveys show that organisations are ill-prepared for its implementation. Exchange Wire interviewed a selection of data professionals, and while 32% said they […]
A recent report carried out by the Ponemon Institute has emphasized current endpoint security trends, details the ever-present threat from ransomware, and shows that fileless malware cyberattacks are increasing. Annually, endpoint attacks cost the healthcare […]
It has been discovered that an unencrypted laptop has been stolen from one of the employees of Rocky Mountain Health Care Services of Colorado Springs . This is the second such theft incident to be […]
If the report published by FTSE350 Cyber Governance Health Check represents facts on the ground, then most of the UK businesses still have a long way to go regarding preparations for compliance with the General […]
The House Committee on Energy and Commerce has pleaded with the HHS to move forward on all recommendations for medical device security proposed by the Healthcare Cybersecurity Task Force, seeking quick action to be taken […]
Google Cloud Customers can rest assured that there will be no service disruption or any possibility of falling victim to the hefty penalties of the new GDPR law when it comes into force on May […]
An unencrypted laptop has been stolen from one of its employees in a theft, the second such incident to be discovered in the space of three months, at Rocky Mountain Health Care Services of Colorado […]
In April the German Parliament passed the new Federal Data Protection Act. Being an EU member state, the country sought to replace the old BDSG regulations that have been in existence for the last 40 […]
A phishing attack at the Medical College of Wisconsin has lead to the exposure of approximately 9,500 patients’ protected health information. The hackers gained access to the email accounts of staff member, which included a […]
The November 2017 healthcare Breach Barometer Report has been published by Protenus. Following an unusually particularly bad September, healthcare data breach incidents fell to more normal levels, with 37 breaches recorded during the month of […]
American companies, involved in various businesses on a global scale, will be aware that the introduction of the EU GDPR legislation is just months away. As a result, they have made data privacy their top […]
UPMC Susquehanna, a network of hospitals and health facilities in Williamsport, Wellsboro, and Muncy in Pennsylvania, has revealed that the protected health information of 1,200 patients has possibly been accessed by unauthorized people. Access to […]
The ever-changing digital market necessitated the introduction of General Data Protection Regulations (GDPR) to safeguard privacy and ensure data protection for EU citizens, but what effect will this have on American companies, particularly American tech […]
GDPR’s data breach notification requirements will be significantly different from the existing ones. The regulation tends to move away from the current general notifications and introduces a new practice that embraces policies and procedures. Under […]
With the GDPR’s effective start date, May 25 2018, on the horizon, Human Resource Management departments should be planning on how to undertake the necessary changes that will ensure their operations remain legal when the […]
Personally identifiable information of a limited number of insurance applicants has been exposed online, according to an announcement by Blue Cross and Blue Shield of Florida, dba Florida Blue. Florida Blue was made aware of […]
After a burglary at an off-site storage center in East Brunswick, NJ, Otolaryngology Associates of Central Jersey is making patients aware a breach of their protected health information. The thieves removed 13 boxes of paper […]
Amazon has revealed that new security measures have been added to its cloud server that will make it much more difficult for users to misconfigure their S3 buckets and mistakenly leave their data accessible. While […]
It is has been almost two decades since the introduction of the Data Protection Acts (DPAs). As technology develops, business operations and human activities keep changing. The laws governing these activities must keep pace with […]
Patients of Cook County Health and Hospitals System, a health system comprising two hospitals and more than a dozen community health centers in Cook County Illinois, have been made aware of a breach of their […]
There was been a 305% increase in the number of records exposed in data breaches in the 2017 according to a data breach report from Risk Based Security (RBS), a provider of real time information and […]
Time might not be on the side of the UK companies that have not yet begun preparations for GDPR compliance. Most studies indicate that the majority of the United Kingdom’s organizations are at high risk […]
Europe is a couple of months away from enforcing the General Data Protection Regulation. With this limited time, several studies still show that most companies are not prepared for the new requirements. The fact remains […]
In August 2017 malware was discovered to have been installed on one of the computer servers used by Catholic Charities of the Diocese of Albany (CCDA) in its Glens Falls office, which served patients in Saratoga, Warren […]
The introduction of EU General Data Protection Regulation has given rise to many surveys that attempt to investigate the law’s possible impact on businesses. Most of these surveys focus and report on the negative impacts […]
Attorney General Eric T. Schneiderman has introduced the ‘Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)’ into the legislature in New York.it is hoped that Act will protect New Yorkers from unnecessary breaches […]
The two-year grace period for organizations to align their systems and processes to General Data Protection Regulation (GDPR) requirements has almost come to an end. This has left many organizations fighting to adjust their processes […]
Two USB drives storing the protected health information of up to 2,000 veterans have been stolen from the Man-Grandstaff VA Medical Center in Spokane, WA it has been reported. The two USB devices were being […]
The European Union’s approach to online privacy sets new requirements for communications between email marketing companies and their existing customers. The new General Data Protection Regulation (GDPR) legislation, to be introduced on May 25 2018, […]
When the General Data Protection Regulation (GDPR) legislation is enacted by the European Union on May 25 2018, firms that have established a safe information management process that incorporates offsite workers will be in a position […]
It has recently been discovered that a former employee of the Texas Children’s Health Plan has recieved the protected health information (PHI) of 932 members in a private email. The last known incident where the […]
A new WannaCry ransomware variant has been used to attack FirstHealth of the Carolinas, a Pinehurst, SC-based not for profit health network. WannaCry ransomware was used in worldwide attacks earlier in May. Over 230,000 computers […]
The European Union introduces GDPR at a time when the world needs to strengthen consumer privacy rights and enhance data governance. Given the importance of this law, several studies have been conducted to assess the […]
The EU’s General Data Protection Regulation (GDPR) unifies different email laws from across member states. The new law is set to bring greater consistency to how businesses use and store data. GDPR modifies various critical […]
The protected health information (PHI) of almost 8,000 client of Brevard Physician Associates may have been accessed following the theft of an office computer in a recent break in. The burglary happened on September 4, […]
One of the changes that will be introduced with General Data Protection Regulation (GDPR) in 2018 includes the delineation of specific obligations on data controllers and processors. Contrary to the current law, the new data […]
A HIPAA Breach has been reported at lawnmower engine manufacturer Briggs Stratton which may have affected 12,789 of its employees and potentially resulted in the exposure of names, addresses, dates of birth, driver’s license numbers, […]
The Austrian Parliament seized the opportunity, granted by the GDPR’s opening clauses that give European Union member states the discretion to enact their local laws, to pass the new Data Privacy Act that fine-tunes data […]
The Ministry of Internal Affairs in Romania published a draft bill on 5 September 2017 amending the country’s current data protection legal framework ahead of the introduction of the European Union General Data Protection Regulation […]
The Polish Government published draft provisions for the new Data Protection Act that aims to bring the country’s legal framework at par with the forthcoming EU General Data Protection Regulation (GDPR). The significant changes that […]
A former staff nurse, 41-year old Tangela Lawson-Brown from Midway, has been found guilty of wire fraud, stealing government funds, possession of unauthorized access devices and aggravated identity theft by a court in Tallahassee. She […]
If companies thought that the prospect of penalties for GDPR data breaches were being exaggerated, they will be in for a shock when the new EU data protection law takes effect next year. May 2018 […]
The San Antonio, TX, Advanced Spine & Pain Center (ASPC) has advised clients of a possible breach that could have affected as many as 8,362 patients. ASPC became aware of a potential violation of ePHI […]
Over the weekend of August 12-13 an individual obtained access to a file server used by Ashland, MI-based Namaste Health Care and installed ransomware software encrypting data including patients’ protected health information. However, prior to […]
The Government of Luxembourg published the draft bill that creates the National Commission for Data Protection (CNPD) and implementation of General Data Protection Regulation (GDPR). The Bill intends to prepare the legal grounds for the […]
An unencrypted laptop device has been stolen from the automobile of an staff worker of Bassett Family Practice in Virginia, possible leading to the exposure of the protected health information of the Practice’s clients. It […]
Most United Kingdom based companies risk disruption of businesses and huge fines as a result of GDPR non-compliance. UK organizations may either be doing little to comply with the regulations or have failed to involve […]
The findings of research conducted by, statistical software giant, SAS reveal that just 45% of organizations have developed a structured plan in response to the forthcoming General Data Protection Regulation (GDPR). This puts a majority […]
Chase Brexton Health Care has reported that the group experienced a phishing cyber attack on August 2 and August 3, 2017 and may have affected as many as 16,562 patients. The cyber attack involved multiple phishing […]
The National Retail Federation and EuroCommerce has agreed to collaborate on a unified retail industry approach to the implementation of General Data Protection Regulation (GDPR). The retailers will be the major beneficiaries of the collaborative […]
Healthcare organizations often outsource many HIPAA transactions to third-party vendors, yet finding suitable companies that can provide the necessary services can be a time-consuming process. While there is unlikely to be a shortage of companies […]
RiverMend Health, a Augusta, GA-based specialty behavioral health provider has reported an unauthorized person has gained access to the email account of one of its employees after suspicious emails were identified being sent from that […]
Privacy International lived up to its reputation for defending and promoting the right to privacy when it proposed several recommendations meant to strengthen the United Kingdom Data Protection Bill recently. Privacy International is a charity […]
Copyright © 2023 ComplianceJunction