A medical privacy breach led to the public posting on a commercial Web site of data for 20,000 emergency room patients at Stanford Hospital in Palo Alto, Calif., including names and diagnosis codes, the hospital has confirmed. The information stayed online for nearly a year.
via Stanford Hospital Patients’ Private Data Was Posted Online – NYTimes.com.
A Niagara Falls, Ontario man is facing charged he lied to government authorities and violated HIPAA laws by dumping medical records into a dumpster behind the Erie County Auto Bureau Office in Cheektowaga
via Man charged after medical records found | WIVB.com.
The new AWS GovCloud Region offers the same high level of security as other AWS Regions and supports existing AWS security controls and certifications such as FISMA, SAS-70 Type II, ISO 27001, FIPS 140-2 compliant end points, and PCI DSS Level 1
via Q&A: Teresa Carlson of Amazon Web Services Discusses GovCloud | WHIR Web Hosting Industry News.
Most importantly, the new law PDF available here, courtesy Information Law Group states that notification must be direct. Yes, it can be electronic, but it must provide a way for the notified party to follow up with questions, and give that person a point of contact who represents the company. The company contact must be accessible through toll-free telephone, not just e-mail.
via California: Consumers Must Be Notified Directly of Data Breaches.
Today IBM announced plans to acquire the Fitch Group’s Algorithmics, a heavy-hitter in financial risk management software and services market, for $387 million.
via IBM To Acquire Algorithmics… GRC and financial risk management get a little closer | Forrester Blogs.
Data breaches, including those originating inside and outside of the organization, continue to affect companies at an alarming rate. Nearly half a billion electronic records in the United States have been compromised over the last six years
via Nearly Half a Billion Electronic Records in the U.S. Have Been Compromised.
Fraudulent accounts range from a low of 5 percent to an astonishing 40 percent of users. Scammers are registering accounts by the millions as they perpetrate fake “friend requests,” deceptive tweets, and the like, while the black market for bulk social networking accounts is growing exponentially.
via Debut Impermium Index Reveals Surprising Trends in Social Web Spam Attacks | Impermium.
“I don’t know what HIPAA stands for, but I believe in it and I practice it,” Manning said, joking, referring to the federal law protecting medical privacy. “So, uh, I’ll leave it at that.”
http://www.nytimes.com/2011/08/30/sports/football/nfl-football-roundup-manning-colts.html?_r=1
Security company McAfee released its second quarter threat report today and the language in it is quite frank, “the security industry may need to reconsider some of its fundamental assumptions, including ‘Are we really protecting users and companies?’”
via McAfee to Security Industry: “Are We Really Protecting Users and Companies?”.
Another week, another data breach at a major university. This week it’s Yale, which announced Friday that the names and Social Security numbers of 43,000 people affiliated with the university had been publicly viewable on Google for the past 10 months.
via Data breach hits Yale University – Technology & science – Security – msnbc.com.
