Collaborate Disseminate
Matt Fisher of Carium writes: An important part of establishing strong security for an organization rests with how it interacts with its vendors. The creation of a chain of entities creating, interacting with, storing, or otherwise handling sensitive p… Continue reading Vendors and HIPAA
22 November 2021 Background information Date of final decision: 14 October 2021 Cross-border case or national case: National case Controller: Bank Millennium S.A. Legal Reference: Notification of a personal data breach to the supervisory authority (Art… Continue reading Polish DPA: Bank Millennium fined 80,000 EUR for failure to notify the breach and the data subjects about the incident
Kenny Chee reports: The personal data of nearly 5.9 million Singaporean and South-east Asian customers of hotel booking site RedDoorz was found to have been leaked, in what the Government has called Singapore’s largest data breach. The Personal D… Continue reading Data of 5.9m customers of RedDoorz hotel booking site leaked in Singapore’s largest data breach
Alex Kennedy reports: Hackers stole personal information connected to both patients and employees in the Eastern Health and Labrador-Grenfell Health regions of Newfoundland and Labrador’s health-care system as part of a recent cyberattack, accord… Continue reading N.L. patient, employee data stolen in health-care cyberattack
PHM’s press release, followed by this site’s comments/notes: MEMPHIS–(BUSINESS WIRE)–Professional Healthcare Management, Inc. (“PHM”)1, located in Memphis, Tennessee, announced today that it recently became aware of a data priva… Continue reading TN: Professional Healthcare Management discloses ransomware incident
The Foundation for Medical Care of Merced County previously provided third party administration services for the Merced County School District’s medical and dental plans. The foundation currently provides member claims services for the school di… Continue reading Merced County School District vendor reports a burglary that compromised protected health information
David Kessler and Susan Ross write: On October 19, 2021, a federal trial court in South Carolina ruled that a group of consumers could proceed with common law negligence and gross negligence claims directly against their organizations’ vendor that had … Continue reading Customers Can Pursue Negligence Claims Directly Against Vendor (Blackbaud)
Manikanta Immann reports: Scoolio is a german app for students, used mainly for educational updates, record keeping, and networking. After informing the flaw to Scoolio’s developer, a fix was released this week to patch the bug. […] In September,… Continue reading Over 400,000 German Students Data Leaked by a Flawed API
Alex Rose reports: The University of Colorado Boulder is sending emails to roughly 30,000 former and current students that have been impacted by a data breach, according to a release from the university. Most of the people impacted are no longer CU stu… Continue reading Nearly 30K former and current CU Boulder students’ personal information hacked
David Sun reports: Personal details of Fullerton Health customers were stolen by hackers and hawked online, after a vendor of the private healthcare group suffered a breach earlier this month. The data was put up for sale on hacking forums from Oct 11,… Continue reading Fullerton Health vendor’s server hacked; personal details of customers sold online