Study: Monitoring patient social media accounts for evidence of disease

(Jun 19, 2019) A new study from a group of researchers at the University of Pennsylvania Perelman School of Medicine found social media data outperformed demographic data in predicting diseases, such as diabetes, anxiety and depression, Vice reports. The study's authors believe doctors could better diagnose and treat diseases if they had access to a patient’s social media accounts. The study analyzed the social media accounts of nearly 1,000 patients with their consent. While researchers anonymized the individ... Read More

A look at provisions within the New York Privacy Act

(Jun 17, 2019) Foley Hoag Security, Privacy and the Law Blog looks at the key provisions within the New York Privacy Act. The NYPA would apply to “legal entities that conduct business in New York” and go into effect within 180 days after it is enacted. Organizations face fiduciary duties if they collect, sell or license any personal data. The bill is currently under consideration by the state Senate’s Consumer Protection Committee. Meanwhile, Gov. Larry Hogan, R-Md., signed a bill to amend Maryland’s data brea... Read More

US House of Reps approves amendment lifting ban on patient IDs

(Jun 14, 2019) The U.S. House of Representatives passed an amendment to a proposed appropriations bill that would lift a 20-year ban on funding for a unique national patient identifier, GovInfoSecurity reports. The House and Senate still need to approve the appropriations bill, while the Senate has to approve a similar provision, and the final bill must contain the amendment before it can be signed off by President Donald Trump. The creation of a national patient identifier system was initially a requirement o... Read More

NSHA hit by phishing attack

(Jun 14, 2019) The Nova Scotia Health Authority was impacted by a phishing attack that compromised an employee’s email account, Global News reports. NSHA Director of Privacy Karen Hornberger said the employee entered their credentials into a malicious link that allowed hackers to access the staff member’s inbox. The health care organization is in the process of notifying the 2,841 people who had their information exposed. Nova Scotia Information and Privacy Commissioner Catherine Tully said she was surprised a... Read More

Survey shows UK distrust, value in protecting NHS data

(Jun 13, 2019) A YouGov survey revealed 70% of U.K. respondents don't trust multinational tech giants with National Health Service patient data, ITV reports. In the pool of 2,081 responses, 13% said they could trust multinational big tech companies, while 76% can't support the data being analyzed in different countries that carry varying data laws and protections. The survey also polled 102 members of Parliament, 58% of whom stated they would want their information handled by U.K.-based companies, while 80% wa... Read More

More than 20M patients affected by AMCA data breach

(Jun 13, 2019) Maryland Attorney General Brian Frosh is warning residents their medical information may have been compromised in a data breach of the American Medical Collection Agency, CBS reports. Earlier this month, Quest Diagnostics and LabCorp reported millions of patients had been affected by the data breach of the third-party collection agency used by a variety of health care providers. BioReference Laboratories, Carecentrix and Sunrise Laboratories have also reported patient records have been affected.... Read More

Vt. Supreme Court rules patient can sue over privacy violations

(Jun 11, 2019) HIPAA Journal reports the Vermont Supreme Court has ruled that a patient can pursue legal action against a hospital and one of its employees for privacy violations. A female patient was allowed to bring forward a case regarding the improper disclosure of her health information by her health care provider despite the lack of a private cause of action in Vermont law or the Health Insurance Portability and Accountability Act. The court ultimately decided that the disclosure fell under a noted excep... Read More

US Sens. Menendez, Booker seek answers on Quest Diagnostics, LabCorp data breaches

(Jun 10, 2019) U.S. Sens. Cory Booker, D-N.J., and Bob Menendez, D-N.J., are pressing a third-party billing company for information after it was found to be the source of data breaches at Quest Diagnostics and LabCorp that combined to affect the records of nearly 20 million patients, The Hill reports. The two senators drew up a letter to the American Medical Collection Agency asking how the breach occurred and what steps were being taken to ensure data security going forward. “We must ensure that entities with... Read More

NY attorney general, online retailer reach $65K settlement over data breach

(Jun 7, 2019) New York Attorney General Letitia James has announced that online retailer Bombas agreed to pay $65,000 and improve its data security after failing to properly notify customers after a data breach. The breach, which occurred between September 2014 and January 2015, involved a combined 39,561 customers. Bombas waited until May 2018 to notify all affected customers and relevant New York agencies of the breaches, and by doing so violated the General Business Law. “This agreement will ensure better ... Read More

PEI dental office employee fired for disclosing patient info

(Jun 7, 2019) The Office of the Information and Privacy Commissioner of Prince Edward Island found a dental office employee had sent the sensitive information of 1,041 patients to a family member, CBC News reports. An investigation found the data had not been sent with malicious intent but rather to prove that the staff member was actually at work. The employee was fired for their actions, and all the emails sent by the staff member had been "securely destroyed." All affected individuals were notified of the ... Read More