Subcontractor

Two Data Breaches Hit Kentucky Employees’ Health Plan

Sarah Michels reports:  Nearly a thousand members of Kentucky Employees’ Health Plan (KEHP) were victims of a data breach that took place in late April and mid-May, according to a statement released by the Commonwealth of Kentucky Personnel Cabinet on June 2. During the first attack, from April 21 to 27, 971 KEHP members...

Indiana covered entities discover that their documents storage and secure destruction vendor dumped records improperly

I know the arguments against holding covered entities for auditing and monitoring their business associates periodically for compliance with any contracts, but when you don’t hold covered entities really accountable for checking that their vendors or business associates are living up to their contracts, stuff like this happens.  And it can go on for...

Class-action lawsuit filed against state contractor over Ohio Department of Job and Family Services data leak

No surprise here….  ABC6 in Ohio reports: A class-action lawsuit has been filed in the Cuyahoga County Court of Common Pleas, alleging Deloitte—the contractor the Ohio Department of Job and Family Services (ODJFS) hired to create and manage the new Pandemic Unemployment Assistance system—acted “negligently and recklessly,” leading to last week’s data leak. Read more...