Breach Notification Act Passed by Alabama State Senate
Mar09

Breach Notification Act Passed by Alabama State Senate

The Alabama Data Breach Notification Act (Senate Bill 318) has been sent for consideration to the House of Representatives after the Alabama Senate last week unanimously passed it. Alabama is one of the two remaining states still yet to introduce legislation that requires companies to send notifications to people whose personal information is accessed in data breaches. South Dakota, the other state yet to introduce legislation, is...

Read More
NY Attorney General Fines EmblemHealth €575,000 for HIPAA Breach
Mar08

NY Attorney General Fines EmblemHealth €575,000 for HIPAA Breach

A mailing mistake by EmblemHealth in 2016 that resulted in the Health Insurance Claim Numbers of 81,122 plan subscribers printed on the exterior of envelopes has resulted in the New York Attorney General applying a $575,000 settlement fine. Despite that all mailings have a unique patient identifier on the envelope, in this case the potential for damage was high as Health Insurance Claim numbers are formed using the Social Security...

Read More
GDPR Preparation Warning Issued by British Govt
Mar07

GDPR Preparation Warning Issued by British Govt

The results of a recent survey carried out by the UK Government suggest that the country’s business sector is not ready for the introduction of the General Data Protection Regulation (GDPR) on 25 May 2018. The most worrying aspect of the results is that just 38% of business and groups questioned were actually aware of the introduction of GDPR and the consequences. Although, the number massively surged, to 80%, for larger...

Read More
Kansas Department for Aging and Disability Services Experiences 11,000-Record Breach
Mar06

Kansas Department for Aging and Disability Services Experiences 11,000-Record Breach

It has been discovered that an employee at Kansas Department for Aging and Disability Services (KDADS) sent an unauthorized email to a group of KDADS business associates that included the protected health information of almost 11,000 individuals. The email was issued to individuals who had already signed a business associate agreement with KDADS which disallows them from disclosing or using inappropriately any emailed protected health...

Read More
5,123 Individuals Impacted by Flexible Benefit Service Corporation Breach
Mar06

5,123 Individuals Impacted by Flexible Benefit Service Corporation Breach

Chicago-Il-based general agency and benefit administrator Flexible Benefit Service Corporation (Flex) has revealed that a phishing attack resulted in an unauthorized person gaining access to a corporate email account. The security breach was first noticed on December 6, 2017 when an email account of a company worker was found to be sending phishing emails. The email account was compromised after a single worker replied to a phishing...

Read More