ABCD Pediatrics, located in San Antonio, Texas has notified the Office for Civil Rights that a ransomware cyber intrusion has resulted in access to its servers, including the protected health information (PHI) of its patients. The ransomware used by the attackers was Dharma. The practice found through forensic analysis that access had been gained to … Continue Reading
Denton Heart Group, located throughout Dallas, has notified 21,665 patients that their protected health information has been compromised as a result of the theft of a hard drive from a locked closet. The hard drive that was in the closet contained the group’s backup data from the practice’s electronic health system—which included apparently of all … Continue Reading
In a rare move by the OCR, it assessed a $3.2 million fine against Children’s Medical Center of Dallas (Children’s) after it issued a Notice of Proposed Determination against Children’s and Children’s failed to request a hearing. The Notice was issued following the OCR’s investigation of two self-reported data breaches. The first involved the theft … Continue Reading
The Association for Unmanned Vehicle Systems International (AUVSI) has announced the formation of a Remote Pilots Council which aims to promote education and dialog between commercial unmanned aircraft systems (UAS or drones), operators, industry stakeholders and the Federal Aviation Administration (FAA). The council will discuss opportunities and challenges related to the safe and responsible use … Continue Reading
StarCare Specialty Health System, located in Lubbock, Texas, is notifying 2,900 patients “who received Intellectual Developmental Disabilities program services, Behavioral Health program services, and Therapeutic Treatment Community services” that their protected health information (PHI) and behavioral health information was compromised in the theft of five laptop computers from its office. The theft occurred on May … Continue Reading
PayPal agreed to pay $175,000 and strengthen its privacy and security disclosures in a settlement agreement reached with the Texas Attorney General’s office (the “AG’s office”). The AG’s office claimed that PayPal failed to explain to users of its Venmo mobile money transfer app how users’ personal information would be used and shared. PayPal acquired … Continue Reading
Uber Technologies, Inc. was hit with another class action lawsuit [view previous post here] last week for allegedly violating the Telephone Consumer Protection Act (TCPA) when it sent text messages to its customers without prior written consent. The suit, filed in federal court in Texas, alleges that Uber sent text messages to its customers to … Continue Reading
Last week, Texas resident Manuel Flores filed suit in Texas challenging the constitutionality of the state’s drone surveillance law. His suit claims that the law treats approximately one million residents categorically differently from those in the rest of the state. The Texas drone law at issue here, Section 423.002(a)(14) of the Texas Government Code, states that … Continue Reading
Did you know that a Victoria’s Secret catalog is one of the top reasons that Congress included privacy protections in the Gramm-Leach Bliley Act (GLB Act)? The GLB Act protects consumers’ financial information and requires financial institutions to explain their information-sharing practices to consumers. These privacy protections were introduced by Representative Ed Markey of Massachusetts … Continue Reading
In what is being described as the first case in the U.S. regarding a state biometric privacy statute, a proposed class was successful in thwarting a motion to dismiss by Shutterfly last week over its alleged practice of collecting and storing face geometry from photos without individuals’ authorization. The plaintiff alleges that Shutterfly is using … Continue Reading
Not-for-profit mental health center Emergence Health Network, located in El Paso, Texas, has announced that its computer servers were compromised “through an unauthorized internet connection” from as far back as 2012. The center discovered the compromise in August when it “became aware of strange activity on one of our computers.” A forensic analysis revealed that … Continue Reading
Not only did the IRS lose a flash drive with 12,000 school workers’ Social Security numbers on it in Texas (view related post), it admitted on August 17th that its initial estimate that 110,000 taxpayers’ personal information was used to file false tax returns this year is… well…actually 334,000 data breaches and upwards of 390,000 … Continue Reading
The US Attorney’s Office for the Eastern District of Texas recently announced that a former employee of an East Texas hospital has been sentenced to 18 months in federal prison for criminal HIPAA violations. Although we frequently report on any civil penalties imposed by the Office for Civil Rights of the Department of Health and … Continue Reading
