A ransomware attack, discovered last week, against the EHR vendor Allscripts lead to thousands of healthcare suppliers being prevented from accessing patient data or using the e-prescription service. Florida-based Surfside Non-Surgical Orthopedics have moved quickly […]
The simple answer to this question is that not all companies need to appoint a Data Protection Officer (DPO) under the General Data Protection Regulation (GDPR). It is expected that larger companies (those that employ […]
Westminster Ingleside King Farm Presbyterian Retirement Communities has experienced a malware infection that may have resulted in the attackers obtainingt he protected health information of may of it patients. The assisted living facility, based in […]
As a software developer, you have undoubtedly heard about the General Data Protection Regulation (GDPR), which comes into effect on 25 May 2018. It is important that you know how the introduction of this regulation […]
The South Dakota Senate Attorney Judiciary Committee has passed a bill to introduce data breach notification legislation after a 7-0 vote. The bill was proposed by the Committee on Judiciary following a request issued by […]
As the date of implementation of the General Data Protection Regulation (GDPR), draws ever nearer, the European Commission has published guidance about the regulation, for use by Data Protection Authorities (DPAs), governments, national authorities, businesses […]
The protected health information of 53,173 patients who received services from Onco360 and CareMed Specialty Pharmacy has been compromised in an email hacking attack. The patients were notified after a security breach when suspicious activity […]
A new report released by online security company Sophos indicates that victims of ransomware attacks have a greater chance of suffering additional attacks within the subsequent 12 months. The report states that the healthcare sector […]
Over 1,300 clients of Palomar Medical Center Escondido have been wanred that a nurse, previously employed by the group, accessed their medical records without permission while they were being treated at the health center. The […]
The General Data Protection Regulation (GDPR), which comes into force of 25 May 2018, is intended to give EU citizens more control over the personal data about them that is held by businesses and organisations. […]
Health insurer Aetna has agreed to a settlement in a class action lawsuit taken by victims of a mailing mistaken that lead to the details of HIV medications prescribed to individuals being seen through the clear plastic […]
Article 35 of the General Data Protection Regulation (GDPR) stipulates that a Data Protection Impact Assessment (DPIA) should be carried out if the processing of data is likely to create a high risk. Although there […]
Hancock Health , based in Greenfield, Indiana experienced a ransomware attack on Thursday last week. Employees of Hancock were forced to use offline methods to record patient health information, while IT staff tried to respond to […]
Following the introduction of the General Data Protection Regulation (GDPR), in May 2018, each business or organization will report to a Lead Supervising Authority (LSA), in that this will be where they get any advice […]
Currently there is no general responsibility for companies who process data of EU citizens to report a data breach to data subjects, although some companies do send notifications as a matter of course. Once the […]
A recent University of Phoenix College of Health Professions survey shows that indicates registered nurses (RNs) are satisfied withtheir organization’s measures in place to stop data breaches occurring. The survey was conducted on 504 full […]
43,000 patients of West Virginia-based Coplin Health Systems have been advised that their PHI has possibly been exposed due to the theft of an unencrypted laptop computer from the vehicle of a member of staff. […]
Guidance has now been released by ICSA – The Governance Institute, which is intended to be used internally by companies, as the May 2018 implementation date of the General Data Processing Regulation (GDPR) draws near. […]
Charles River Medical Associates, based in Framingham, MA-based, has discovered that one of its portable hard drives was missing, possibly affecting the PHI of almost 9,400 people Last November, the practice discovered that the device which […]
A main aim of the introduction of the General Data Protection Regulation (GDPR), in May 2018, is to ensure that the rights and freedoms of people living in EU states are protected, when it comes […]
Tt has been discovered that an unauthorized person has gained access to parts of its Oklahoma State University Center for Health Sciences (OSUCHS) computer network and potentially downloaded files holding billing information of Medicaid subscribers. […]
There has been some confusion regarding what is defined as personal data, under the General Data Protection Regulation (GDPR). This is despite the fact that the term “personal data” is defined in Article 4 of […]
The Agency for Health Care Administration in Florida has found that an unauthorized individual obtained access to a single email account due to a member of staff beign tricked by phishing scam. The member of […]
When the General Data Protection Regulation (GDPR) comes into force on 25 May 2018, rules for obtaining consent are going to be more stringent than they are at present. Business owners and data protection specialists […]
1,128 patients’ protected health information has potentially been viewed after an unauthorized individual gained access to the Compassionate Care Hospice Las Vegas (CCHLV) network and server. The breach occurred on October 28, 2017, CCHLV was alerted that […]
When the General Data Protection Regulation (GDPR) comes into force, on 25 May 2018, there will be a requirement for businesses and organizations that deal with mass people monitoring, or large amounts of sensitive personal […]
The findings of an audit of the North Carolina State Medicaid agency by The Department of Health and Human Services’ Office of Inspector General (OIG) have been published in a new report. The report indicates that […]
Kaiser Permanente has suffered a couple of security incidents which filed with the Department of Health and Human Services’ Office for Civil Rights (OCR). Overall, in excess of 5,000 people have been affected by the […]
The procedures for requesting a Subject Access Request (SAR) are set to change very little with the introduction of the General Data Protection Regulation (GDPR), in May 2018. But, the process for providing a response […]
As the introduction of the General Data Protection Regulation (GDPR) draws ever nearer there is a need for tens of thousands of suitably experienced data protection officers (DPO) to work with businesses and organizations that […]
It has been discovered that a former member of staff at SSM Health has been accessing the health records of patients without any valid work reason for doing so for roughly eight months. The former health […]
A former employee of Emory Healthcare (EHC) has been found to have obtained the protected health information of 24,000 EHC patients and shared the data to a Microsoft Office 365 OneDrive account, from where it […]
Call recording is a process that is widely used by businesses and organizations across the globe, but the process which companies follow to record calls will change with the introduction of the GDPR on May […]
Longs Peak Family Practice (LPFP) in Colorado has found that an individual gained access to its systems and encrypted files using ransomware last November. The family and sports medicine practice based in Longmont CO, found […]
A cyberattack, causing unexpected downtime, has been discovered at The University of Rochester Medicine’s Jones Memorial Hospital in Wellsville, NY. The attack is thought to have started on Wednesday December 27 and has lead to […]
You may have heard a lot about consent, in relation to the General Data Protection Regulation (GDPR), which becomes a reality in May 2018. But, this is not the only reason organizations and companies may […]
The introduction of the General Data Protection Regulations (GDPR) may have significant impact on companies involved in gambling and betting. Gambling companies rely on collecting and processing personal data in order to provide players with […]
Copyright © 2018 Compliance Junction
