Privacy tech companies receive funding to boost products

(Jan 22, 2018) Protenus announced it has received an $11 million investment from a group including Kaiser Permanente Ventures to bring its health data auditing and privacy monitoring platform to more hospitals across North America. The health care compliance analytics company plans on using the funding to accelerate sales and fill customer support positions, while boosting its R&D to expand its platform’s capabilities. Meanwhile, Tel Aviv-based startup D-ID closed out a $4 million seed round for its tools,... Read More

CareFirst warns Supreme Court of potential wave of breach lawsuits

(Jan 19, 2018) As CareFirst BlueCross BlueShield makes a final push to have its data breach case heard by the U.S. Supreme Court, the insurer warns a wave of class-action lawsuits could be on the horizon, FierceHealthcare reports. In a final brief submitted by CareFirst’s lawyers, the insurer argues if the U.S. Court of Appeals in the District of Columbia’s decision to allow members to move forward with their lawsuit is left alone, it could lead to anyone involved in a breach to sue, “even if the plaintiff suf... Read More

Nearly 3M Norwegians at risk following health care data breach

(Jan 19, 2018) A health care organization in Norway has suffered a data breach, potentially impacting millions of citizens, International Business Times reports. Health South-East RHF announced the data breach earlier this month. The organization, which serves nearly 2.9 million Norwegians, was alerted by Norway’s CERT health care sector about “abnormal activity” within the region’s computer network. The CERT department said the individuals behind the attack are likely “advanced and professional” hackers. Heal... Read More

Health orgs paying ransomware despite having backup systems

(Jan 19, 2018) CareersInfoSecurity reports on an Indiana hospital that paid $55,000 to access data during a ransomware attack despite having backup systems available. A spokeswoman for Hancock Health said the organization paid the ransom because it did not want to risk delaying treatment for patients. The spokeswoman said it also would have taken weeks to access and restore the affected data using the backup systems, making it a better financial decision to pay the ransom. "That is why you should have an incid... Read More

Study: AI could help if EHRs were better, more interoperable

(Jan 19, 2018) A study conducted by independent policy research group JASON finds the health care industry could take advantage of advances in artificial intelligence if it strengthens electronic health record interoperability, FedScoop reports. While the growing use of smart devices and at-home services have made AI a more viable option, health care still struggles with interoperability, a problem the Office of the National Coordinator for Health IT, one of the agencies that commissioned the report, seeks to ... Read More

Lawsuit claims Maine marijuana regs violate patient privacy laws

(Jan 19, 2018) Owners of a medical marijuana shop have filed a lawsuit at the U.S. District Court in Bangor, Maine, arguing that Maine’s marijuana regulations, set to take effect Feb. 1, violate patient privacy laws and facilitate warrantless searches, The Portland Press Herald reports. Under the new regulation, Maine’s Department of Health and Human Services would be allowed to conduct same-day inspections of caregiver operations, which the plaintiffs argue is an unconstitutional search and seizure. It would ... Read More

Google removes addiction 'patient brokering' ads in UK

(Jan 18, 2018) Following the discovery that online brokers targeted addicts in the U.K., Google announced it is globally removing such ads, The Sunday Times reports. Google said it would look for a “better way to connect people with the treatment they need.” Upon removal of the ads in question, searches including “addiction advice” will take the user to a list of options, starting with the NHS website. A parliamentary inquiry may be held to discuss whether the practice of “patient brokering" should be outlawed... Read More

Aetna agrees to pay $17M to settle HIV breach lawsuit

(Jan 18, 2018) After 12,000 customers received letters accidentally revealing their HIV status through envelope windows, Aetna has agreed to pay $17 million to settle a federal class-action lawsuit, CNN reports. Once the settlement has received court approval, each person who had their privacy breached in the incident will receive $500, with an additional base payment of $75 to be sent out to 1,600 customers whose health data was allegedly disclosed to the health insurer’s legal counsel and mail vendor. AIDS L... Read More

Health app data used in German murder trial

(Jan 18, 2018) During the trial of man accused of rape and murder in Germany, police introduced data from the suspect’s Apple health app to link him to the act, the BBC reported last week. While the suspect refused to grant police access to his phone, investigators utilized a cyber-forensics firm from Munich to break into the device in question. In gaining access, the police were then able to paint a picture of the physical attack with the data collected by the health app. Peter Egetemaier, chief of police, re... Read More

Changes to the Federal Common Rule go into effect this week

(Jan 17, 2018) The Common Rule was initially proffered in 1981 and established for the purpose of protecting human subjects involved in research. It applies any time human subjects research is conducted using federal funding; therefore, federal agencies, academic institutions, and health care research institutes are among the top qualifying institutions. Updates to the Common Rule are scheduled to go into effect Jan. 19, and represent important changes for these institutions. Dianna Reuter, CIPP/US, and Heathe... Read More