From the Office of the Information & Privacy Commissioner of Alberta, a new decision: A former Covenant Health employee pleaded guilty to knowingly disclosing health information in contravention of HIA. Samantha Barker was fined $1,500 for the offence under HIA. She also admitted to accessing health information of several people without a valid employment...
On January 19, 2022, the Litchfield School District in New Hampshire notified the state’s Attorney General of a data security/privacy incident that seems to have previously escaped this site’s awareness. Let’s correct that now. From their report: On December 6, 2021, the District discovered that an individual with authority to access student records exceeded...
GreenSlate is notifying employees of some of its clients about a breach involving a rogue Canadian employee. According to their notification template submitted to the California Attorney General’s Office, on December 22, 2021, the firm’s security team detected that between December 10 and December 15, 2021, an employee in Canada had downloaded scanned paperwork...
A police officer is on trial for accessing records related to an investigation into her alleged driving offenses. Rory Cassidy reports: A police officer has gone on trial accused of illegally accessing her own case file. Acting Sergeant Victoria Robb is said to have logged on to a computer and looked at details of driving offences she allegedly committed. Robb, 31,...
Jan Vermeulen reports: Absa has sent a notice to several new clients found to be affected by a November 2020 data leak, when a former employee gave people’s personal information to a platform that sold it to third parties. The former Absa staff member behind the leak was a credit analyst who had access to risk modelling...
The following is not a new incident. It is just a newly disclosed incident because of a law enforcement-requested delay in disclosure. North Shore University Hospital (NSUH) issued a notice on February 1, 2022 concerning insider-wrongdoing. The notice begins: NSUH learned that a former employee who worked at a medical office may have improperly...
Low Youjin reports from Singapore: Despite having signed an undertaking to safeguard official information, a former deputy lead from a data management unit of the Ministry of Health (MOH) chose to leak classified Covid-19 information to members of a chat group on multiple occasions before it was officially announced to the public. Zhao Zheng’s attitude...
Here’s a good example of how monitoring and logs can detect a problem and prevent even more problems. Michigan Medicine detected an employee accessing patient records without legitimate need. The improper access began in December, 2021, and continued until it was caught by monitoring on January 25, 2022. Access was cut off on January...
NY: Nassau notifies 209 workers their confidential personal data may have been breached by employees
Scott Eidler reports: Nassau officials have notified more than 200 current and former employees in the Assessment Department their confidential personal data may have been breached after some co-workers last year gained unauthorized access to human resources information about department workers. In a letter Thursday to Nassau County Executive Bruce Blakeman and county legislators,...
The Tel Aviv company paid millions to stop cyber criminals