Ca: Regina clinic failed to notify patients of privacy breach, says commissioner

September 19, 2020
Dissent

Mark Melnychuk reports: An investigation by Saskatchewan’s privacy commissioner found that a Regina medical clinic did not notify patients when a doctor’s dictation machine containing personal health information went missing a year ago. According to the report filed on Sept. 15, Saskatchewan Information and Privacy Commissioner Ronald J. Kruzeniski wrote that his office was...

PA: Geisinger Berwick notifying hundreds of patients after firing employee for improper access to records

September 19, 2020
Dissent

Geisinger Berwick is notifying more than 700 patients whose patients’ records were accessed without justification by a now-former employee. As first reported by Times Leader, the improper access began in June 2019 and would likely still be continuing were it not for an employee that reported their concern about the employee’s actions to the...

Did ransomware threat actors hit a German medical clinic by mistake? Either way, someone died as a result.

September 17, 2020
Dissent

It was our nightmare realized: a medical center was completely paralyzed by a ransomware attack and someone died as a result. As of last week, the University Clinic in Düsseldorf reported that it was in a state of emergency. Operations had been canceled, and ambulances had to be redirected to other clinics. On September...

COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic

September 17, 2020
Dissent

A snippet from the Executive Summary of a new report written by Robert Gellman and Pam Dixon: This report offers an analysis of existing laws and practices regarding both types of HIPAA COVID-19 waivers. The report recommends that, when the current emergency subsides, the Secretary of HHS review in a systematic way the privacy,...

SunCrypt ransomware threat actors claim theft of University Hospital New Jersey files

September 15, 2020
Dissent

Ax Sharma reports: University Hospital New Jersey (UHNJ) has suffered a massive data leak with over 48,000 documents floating on the dark web. An anonymous tip sent to BleepingComputer shows the different types of documents found in the leaked data dump. Read more on BleepingComputer, who provide a lot of redacted screenshots from a data...

DataBreaches.net

DataBreaches.net

Health Data

Ca: Regina clinic failed to notify patients of privacy breach, says commissioner

PA: Geisinger Berwick notifying hundreds of patients after firing employee for improper access to records

Did ransomware threat actors hit a German medical clinic by mistake? Either way, someone died as a result.

COVID-19 and HIPAA: HHS’s Troubled Approach to Waiving Privacy and Security Rules for the Pandemic

SunCrypt ransomware threat actors claim theft of University Hospital New Jersey files