Second Former State Department Employee Pleads Guilty to Illegally Accessing Confidential Passport Files

A second former State Department employee pleaded guilty today to illegally accessing hundreds of confidential passport application files, Acting Assistant Attorney General Matthew Friedrich of the Criminal Division announced. Dwayne F. Cross, 41, of Upper Marlboro, Md., pleaded guilty before U.S. Magistrate Judge John M. Facciola in U.S. District Court for the District of...

Frequently Asked Questions About Family Medical History Information

The U.S. Department of Health and Human Services • Office for Civil Rights has updated its FAQ. 1. Does the HIPAA Privacy Rule limit an individual’s ability to gather and share family medical history information? No. The HIPAA Privacy Rule may limit how a covered entity (for example, a health plan or most health...

Seventh Day Adventist Church laptop with retirement plan data stolen

On December 13, a laptop computer assigned to an employee of the North American Division of Seventh-day Adventists Retirement Plans was stolen. The computer contained personal information including names and Social Security numbers on 292 residents of New Hampshire; the total number of individuals affected was not reported . The laptop was recovered four...

Innodata Isogen employee data on stolen laptop

Another day, another laptop stolen from an employee’s vehicle. This time, it was Innodata Isogen, who informed the New Hampshire Attorney General that on December 23, a laptop and benefit plan enrollment sheets were stolen from an employee’s car in Wayne, New Jersey. The laptop and benefit plan enrollment sheets contained personal information such...

Thief steals Continental Airlines laptop with biometric and other personal data

Sometime between December 31 and January 2, a laptop was stolen from a locked Continental Airlines’ office in Newark. The laptop contained personal information on employees, vendors, and new hire candidates. The laptop, which was used for background security checks, contained confidential files on 230 individuals, including their names, Social Security numbers, fingerprint images,...

Former Occidental Petroleum employees’ data in security breach

Through its attorneys, Occidental Petroleum Corporation notified the Vermont Attorney General’s office of a breach that was discovered on December 11th. A former employee in Tulsa “accessed and mishandled” personal information by emailing a spreadsheet containing information on former employees to a personal email account. The former employees’ data included names, addresses, birthdates, employee...

GA: Former nursing home employee arrested

Don Logana reports: A former nursing home employee is in jail tonight charged with elder abuse and stealing the identities of as many as 40 residents from nursing homes in the area. Thunderbolt police say Tamara Smith used her job as a certified nursing assistant to gain access to patients personal information. She is...

NIST DRAFT: IR 7497 Draft Security Architecture Design Process for Health Information Exchanges (HIEs)

  NIST has released its draft Interagency Report (IR) 7497, Security Architecture Design Process for Health Information Exchanges (HIEs), which is intended: to provide a systematic approach to designing technical security architecture for the exchange of health information that leverages common government and commercial practices and that applies them specifically to the HIE domain....

Medicare Launches Medicare Personal Health Record Choice Pilot

The Centers for Medicare & Medicaid Services (CMS) today announced the launch of the Medicare PHR Choice Pilot in Arizona and Utah. This pilot program will offer beneficiaries with Original Medicare the opportunity to choose one of the personal health record (PHR) products offered by the companies selected for the pilot. PHRs will allow...

UK: Cards compromised in petrol station fraud

More than 40 debit and credit cards have been compromised at a service station in Northamptonshire. About 45 people have had their bank cards compromised after using them to buy goods and services at the Shell Service Station on the A5 at Paulerspury near Towcester. Shortly after the cards were used at the station,...