Ugh. Fairchild Medical Center had a misconfigured server exposing PHI from December 16, 2015 until they were alerted to the problem in late July by an unnamed security company who discovered the exposure. Here’s their press release, below. Note that this does not (yet) appear on HHS’s breach tool. YREKA, Calif., Nov. 25, 2020 /PRNewswire/ —...
Chad Pradelli and Cheryl Mettendorf report: Cybercriminals have attacked the Delaware County, Pennsylvania government network and taken it hostage. The criminals are demanding $500,000 to free it up. Sources told Action News, the cybercriminals gained control of the network on Saturday encrypting files, including police reports, payroll, purchasing, and other databases. Prosecution evidence, however,...
Chris MacLennan reports: A data breach at NHS Highland has led to the personal information of 284 patients with diabetes being shared with more than 30 people. The error, which occurred on Tuesday November 17, led to the names, dates of births, contact information and hospital identification numbers of the patients being revealed. Read...
Attempts to hold an entity liable for the wrongdoing of an employee has produced mixed results in the courts. Here’s a case in Indiana like that, below. As seen on The Indiana Lawyer: Justices last week granted transfer in the case of Community Health Network, Inc. v. Heather McKenzie, et al., 20S-CT-648. Heather McKenzie’s medical...
Data Breach Cases: An Analysis of Standing and Best Causes of Action