On June 3, 2019, the U.S. Department of Health and Human Services Office of Inspector General (OIG) issued a fraud alert to notify consumers about genetic testing fraud schemes (the Alert). According to the OIG, fraudulent actors are using the provision of free genetic testing kits to obtain Medicare information from unwitting consumers, and
Uncategorized
NIST Issues Blockchain Technology Report to Help Businesses “Make Good Decisions” About Using Blockchain
On January 24, 2018, the National Institute of Standards and Technology (NIST) issued its “Draft NIST Interagency Report 8202 Blockchain Technology Overview” which it announced as NIST’s “Report on Blockchain Technology Aims to Go Beyond the Hype.” The press release announcing the issuance of the report starts by stating “Beguiling, baffling or both—that’s…
Google Tracking of Android Users Goes Beyond the Expected
By now most smartphone users are aware of location tracking used by both Apple and Android operating systems. Basic location tracking is a system which uses GPS data to know the phone user’s location. However, according to a recent article published by Quartz, Google’s data collection goes far beyond basic location tracking. Not only does the data collected go beyond simple location information, but the ‘Opt In’ service Google uses to collect that data, Location History, isn’t as truly Opt In as users might expect. According to Quartz, Google’s Location History underlies many of Android’s main apps, including Google Assistant and Google Maps. Furthermore, Opting In to Location History for one app may actually give many apps access to Location History’s data and the ability to send that data to Google.
Continue Reading Google Tracking of Android Users Goes Beyond the Expected
Lessons Learned from Recent OCR HIPAA Audits
Covered entities, including employer sponsored health plans, should brace for audits and enforcement of the Privacy, Security, and Breach Notification rules by the Department of Health & Human Service Office of Civil Rights (OCR) following OCR’s recent announcement of a large HIPAA settlement last month on the heels of its release of the preliminary results…
Stored Communications Act Does Not Prohibit Disclosure of Deceased’s Yahoo Account
In what appears to be a case of first impression in the Commonwealth of Massachusetts, the Supreme Judicial Court (SJC) has ruled that Yahoo may disclose the contents of a deceased’s Yahoo email account to his personal representatives and is not precluded from doing so by the Stored Communications Act (SCA).
The subscriber passed away…
Murder Arrest Warrant Weaves Web of Data Evidence in – Fitbit, Facebook, Alarm Systems and More
The warrant that led to the arrest of a husband for the alleged murder of his wife weaves a web of electronic evidence. Based in large part on Fitbit fitness tracker data, Connecticut authorities have charged Richard Dabate with the murder of his wife, Connie. He also faces charges of tampering with evidence and making…
Privacy Tip #85 – OIG Warns Consumers of Phone Call Scams by OIG Imposters
Phone call scams are on the rise. In addition to scam artists posing as employees of utility companies (see Privacy Tip #84), the Office of the Inspector General (OIG) has issued a warning to consumers about a phone scam involving imposters of its agency.
The imposters call consumers saying they are from the OIG…
Two Class Action Suits Filed Against Banner Health Less Than A Week After Notices Are Sent Regarding Data Breach
We previously reported that Banner Health (Banner) started sending notices to over 3.7 million individuals about a data breach that started with food and beverage purchases and ended up compromising employee and patient information [view related post]. This data breach is the largest so far this year.
Less than a week after Banner started…
Utah votes to let authorities disable drones near wildfires
This week, in Salt Lake City, lawmakers approved a bill that would allow Utah authorities (i.e., firefighters or law enforcement) to disable and down drones if they are being flown too close to wildfires. Governor Gary Herbert said, “This summer, wildfires in the state have become significantly worse due to drones interrupting air operations. It…
HHS: Ransomware attacks likely HIPAA breaches in absence of encryption
On July 11, 2016, the U.S. Department of Health & Human Services (HHS) issued a Fact Sheet that provides guidance on (i) how HIPAA Security Rule compliance can assist health care organizations combat ransomware attacks, and (ii) the applicability of HIPAA’s Breach Notification Rule to ransomware attacks. This guidance is particularly timely due to the…