Burglary at hospital employee’s home results in stolen flash drive and HIPAA data breach
Continue Reading Stolen Flash Drive Leads to Another HIPAA Data Breach
Identity Theft
Alaska DHSS HIPAA Breach Affects 501 Individuals, But Results in $1.7 Million Settlement with HHS Following Compliance Review
By Joseph J. Lazzarotti on
HIPAA audit following breach reported to OCR results in findings of noncompliance, settlement payment of $1.7 million and a three-year corrective action plan.
Continue Reading Alaska DHSS HIPAA Breach Affects 501 Individuals, But Results in $1.7 Million Settlement with HHS Following Compliance Review
Connecticut Amends Data Breach Notification Statute; Notice to Attorney General Now Required
By Joseph J. Lazzarotti on
Notice to Connecticut Attorney General now required following data breaches affecting state residents.
Continue Reading Connecticut Amends Data Breach Notification Statute; Notice to Attorney General Now Required
Vermont Strengthens Data Breach Notification Requirements
By Joseph J. Lazzarotti on
14-day Attorney General notice and other amendments to Vermont’s Security Breach Notice Act further complicate data breach response.
Continue Reading Vermont Strengthens Data Breach Notification Requirements
Massachusetts Company Fined $15,000 Under State’s Data Security Law
The Massachusetts AG’s enforcement of its data security law demonstrates that it does not take lightly the loss of Massachusetts residents’ personal information, even if that loss has not caused any known harm to the affected residents, and that it may remain watchful over the subject of an investigation for years to come.
Continue Reading Massachusetts Company Fined $15,000 Under State’s Data Security Law
Debt Collection Agency Sued by Minnesota Attorney General Over Privacy Breach and Other Concerns
Like any business that handles personal information, debt collection agencies have obligations to maintain reasonable safeguards to protect that information. Recent enforcement activity by the Minnesota Attorney General’s office makes this clear. The banks, health care providers and other businesses that utilize collection services are also driving compliance as they demand these companies have…
Third Party Vendors Equal Data Breach Risk, Massachusetts Vendor Contract Deadline Approaches – March 1, 2012
Massachusetts service provider contract deadline – March 1, 2012 – should be a reminder to revisit all contracts with third party vendors to ensure they require the vendor to safeguard personal information.
Continue Reading Third Party Vendors Equal Data Breach Risk, Massachusetts Vendor Contract Deadline Approaches – March 1, 2012
School Kids’ Data at Risk
Note to parents and school districts – data thieves are targeting cash-strapped school distrists to steal unprotected personal information of students who happen to have pristine credit histories.
Continue Reading School Kids’ Data at Risk
California Strengthens its Data Breach Notification Law
By Joseph J. Lazzarotti on
California tightens its data breach notification requirements.
Continue Reading California Strengthens its Data Breach Notification Law
Illinois Amends Its Data Breach Notification Law and Adds Data Disposal Mandate
By Joseph J. Lazzarotti on
Illinois amends its breach notification law and adds a data disposal mandate.
Continue Reading Illinois Amends Its Data Breach Notification Law and Adds Data Disposal Mandate