The Colorado Mental Health Institute at Pueblo has found that one of its staff members has been tricked by a phishing scam that possibly allowed the attacker to gain access to the protected health information […]
It is a common misconception that the General Data Protection Regulation (GDPR), which comes into force on May 25th 2018, only applies to businesses and organizations which are based within the EU and that international […]
A Reno-based dental practice in has been hit by a ransomware attack that denied access to dental records and images for five days. The malicious software was installed, during a ransomware attack on October 30, […]
When the General Data Protection Regulation (GDPR) comes into force, in May 2018, its protections will apply to any individual who is living in the EU at the time. This means that any business that […]
Almost 10,000 patients of Columbus Surgery Center, LLC and Eye Physicians, P.C., in Columbus, Nebraska have been impacted by a ransomware attack. The ransomware attack was carried out on October 7, 2017 and hit a […]
Any business which employs more than 250 people, and processes personal data, is required to have a Data Protection Officer (DPO) under GDPR rules. Businesses will need to be compliant with this rule once the […]
The introduction of the General Data Processing Regulation (GDPR), on 25 May, 2018, will regulate the way different member states of the EU deal with the protection of personal data of individuals in the EU. […]
If you think that your company will not be subject to the General Data Protection Regulation (GDPR) because it is not based in a country within the European Union (EU), you may be in for […]
The protected health information of 1,750 patients of Austin Manual Therapy (AMT) may have been accessed and stolen by a criminal who gained access to the group’s system. A forensic review by a leading national […]
The simple answer to the question, “does GDPR apply to employees?”, is that yes it does. Businesses cannot only think about complying with the General Data Protection Regulation (GDPR) in respect of clients, it applies […]
Patients of MidMichigan Medical Center (MMC) in Alpena have been warned of a potential breach of their health data. On November 18, a MMC cardiologist took patient files from the Alpena cardiology office without permission. […]
Under the current European Data Protection Directive, consent is a legally required to hold and process personal data. This will continue to be the case with the introduction of the General Personal Data Regulation (GDPR). […]
NYU Langone Health System has found that files that included a log of presurgical insurance authorizations, relating to around 2,000 patients, was mistakenly recycled by a cleaning company in October 2017. Data in the binder included […]
Disturbing news coming from the US is that a recent survey conducted by HyTrust, security solutions specialists, showed that almost 80% of respondents were not prepared for the introduction of the General Data Protection Regulation […]
Two serious breaches of patients’ protected health information have been discoveredd in Texas and Pennsylvania. Email Account Compromised at Midland Memorial Hospital Midland Memorial Hospital has suffered a breach of a a number of patients’ protected […]
Currently the Personal Information Protection and Electronic Documents Act (PIPEDA) is in place, to ensure the free flowing of personal data from companies within the EU to companies in Canada and vice versa. It is […]
Many data breaches have been reported by HIPAA-covered entities, involving the loss or theft of physical records, in the past two months. In November, seven violations involving paper records were made known to the HHS’ Office […]
Data protection has become an ever more important issue as use of the Internet has grown. The more data that is collected online, the more potential there is for the data to be compromised. For […]
The Oklahoma Department of Human Services experienced, in April 2016, a data breach, and while alerts were sent to affected people and the DHS’ Office of Inspector General shortly after the breach was found, a breach […]
Click to view infographic You have more than likely heard about the General Data Protection Regulation (GDPR), but you may not know how it is going to affect your business, and what it means for […]
UNC Dermatology & Skin Cancer Center has discovered that one of its laptop computers has been stolen, exposing the protected health information of around 24,000 patients. The computer was obtained by unauthorized individuals in a […]
Two employees at Chicago’s Sinai Health System have had their email accounts compromised in a recent cyberattack. Sinai Health System reports that the phishing attack happened on October 2, and that it was quickly discovered […]
The New Jersey-based Hackensack Sleep and Pulmonary Center, experts in sleep disorders and pulmonary conditions and diseases, has suffered a ransomware attack that in the protected health information of certain clients being encrypted. The ransomware […]
The General Data Protection Regulation (GDPR) will come into force on May 25, 2018 and many are wondering how it will work with existing privacy arrangements, such as the Privacy Shield. One of the stipulations of […]
Many people make the mistake of believing that the upcoming General Data Protection Regulation (GDPR) only applies to businesses and organisations that are based within the EU. This is not the case. GDPR applies to […]
The Netherlands Government has progressed its GDPR Implementation Billto face a vote before Parliament. The focus f the bill is to prepare and achieve compliance with the oncoming General Data Protection Regulation (GDPR) which becomes […]
Louisville, KY based Baptist Health has contacted 880 patients that some of their protected health information may have been obtained by by hackers. The PHI violation was found on October 3, 2017, when irregular activity […]
The Henry Ford Health System has started alerting almost 18,500 patients that some of their protected health information may have been been accessed by an unauthorized person. The breach was found on October 3, 2017 […]
The discovery has been made that the medical records of 769 patients of Lowell General Hospital in Massachusetts have been accessed by an employee without any valid work reason. In accessing the medical details, the […]
When you first think about GDPR and employee engagement, they may not seem as though they are related in any way. However this is not the case. There is actually a strong connection between the […]
A provider of mental health treatment and support services for individuals with intellectual and developmental disabilities, Center for Health Care Services (CHCS), has foudn that documents containing the protected health information of patients have been […]
Paper files with information including names, Social Security details, and medical records, along with details of cancer diagnoses and sexually transmitted diseases (STDs), have been found at a recycling center in Allentown, Pennsylvania. The files […]
The Data Privacy Directive was originally adopted in 1995, as a means of regulating the way personal data was dealt with in EU member states. Since the EU Data Privacy Directive was introduced, much has […]
The first thing to say is that the General Data Protection Regulation (GDPR) does not provide specific rules for the handling and archiving of emails, but it does make a big difference to the way […]
You only need to look at the results of surveys by Exchange Wire, Calligo and McAfee, among others, to see that many data professionals, and their organisations, are not fully prepared for the General Data […]
A breach of patients’ protected health information (PHI) at the UAB Medicine Viral Hepatitis Clinic in Birmingham, AL has been discovered. UAB Medicine uses flash drives to send data from its Fibroscan machine to another computer. […]
Under the existing Data Protection Directive – which will be replaced by the General Data Protection Regulation (GDPR) on May 25 – companies and organisations are not authorized to retain or continue processing personal data […]
In order to process personal data in compliance with GDPR a legal basis is mandatory. Consent is but one of the 6 Legal Bases for processing personal data under the GDPR. With regard to the […]
ShopRite Supermarkets, Inc., has revealed that some of its clients have been impacted by a security breach following the improper disposal of a device used to record customers’ signatures. The device was stolen from the […]
Once the General Data Protection Regulation (GDPR) comes into play, in May 2018, it will be possible for any organisation that does not comply to be fined as much as 4% of annual turnover, or […]
Sports Medicine & Rehabilitation Therapy (SMART) has made contact with 7,000 patients to advise them of a violation of their protected health information. The breach has have affected all patients whose information was captured while […]
Recently published, the second draft of the revised NIST Cybersecurity, Version 1.1 of the Framework, incorporates major changes to some of the current guidelines and many new additions. Version 1.0 of the NIST Cybersecurity Framework […]
It’s just a few months until businesses and companies need to comply with the General Data Protection Regulation (GDPR). The new rules come into play on 25 May 2018. But, if recent surveys are anything […]
Legal tech firm Axiom reported that its research had shown that FTSE 100 and Fortune 500 companies could end up paying around £800 million in order to scrutinise contracts, to ensure compliance with the General […]
A HIPAA Administrative Simplification Optimization Project Pilot is being operated by The Department of Health and Human Services is currently inviting volunteers to have compliance audits. The focus of the project is to streamline HIPAA […]
Cottage Health will pay $2 million to settle a number of HIPAA violations in relation to state and federal laws. The group, located in Santa Barbara, was reviewed by the California attorney general’s office due […]
Businesses that are as yet unprepared for the introduction of the General Data Protection Regulation on May 25th may want to know what the GDPR penalties are, how they are enforced and what other consequences […]
Copyright © 2023 ComplianceJunction