Sony Data Breach Lawsuit Settlement Agreed
The huge cyberattack to hit Sony last year resulted in the confidential information of employees being obtained by hackers, potentially placing those individuals at risk of suffering damage or loss. In the wake of the breach, employees were rapidly signed up for a class-action lawsuit against Sony. Approximately 50,000 current and former employees of the entertainment giant added their names to the lawsuit, which sought damages for the potential exposure of data. In many cases, employees of Sony had their confidential data posted online for all to see. The data included detailed information on medical diagnoses of employees and their families, and included information such as cancer, kidney failure and alcoholic liver disease diagnoses, in addition to birth dates, gender, health condition and medical costs incurred. Approximately 30,000 individuals’ clinical information was exposed in the data breach. The 2014 cyberattack may have been the largest data breach to be suffered by the company, but it was not the first. In 2011, Sony suffered a large-scale data breach that exposed the...
Oakland Family Services Phishing Attack Claims 16K Victims
Oakland Family Services, a community outreach organization based in Pontiac, MI, has alerted 16,000 of its patients that some of their Protected Health Information was compromised in an email phishing attack that took place on July 14, 2015. By responding to an apparently legitimate request for information, an employee inadvertently gave the hacker access to data contained in a single email account. The electronic medical record databases were not accessed during the security breach. A press release issued by Oakland Family Services explained that no financial information was exposed in the security breach, although it is possible that patient names, medical ID numbers, service dates and details of the services provided were all potentially accessed. Some emails contained more detailed information on patients, which included health insurance and health plan ID numbers, contact telephone numbers, home addresses, dates of birth, and medical diagnoses. A total of 173 Social Security numbers were also exposed. The data related to patients who had visited Oakland Family Services for...
Lua Recognized by Aragon Research for Strategy and Performance
Aragon Research has named Lua a Contender in its in 2015 Tech Spectrum for Mobile Collaboration. Aragon Research assesses companies based on their strategy and performance and produces a market evaluation tool that represents emerging and mature markets and vendors in graphical form. Being included in the Contender category confirms Lua has a solid business strategy that is driving the company forward. Aragon Research also recently named Lua one of the top three hottest vendors of 2015 in its Hot Vendor in Mobile Collaboration report. Mobile collaboration is now a necessity for most businesses to provide support to an increasingly mobile workforce. Without mobile communication apps such as Lua’s HIPAA-compliant mobile-first communication solution, it would be impossible to provide remote workers with the same level of support as those based in hospitals and other healthcare facilities. “Mobile collaboration apps like Lua are making it easier for people to interact with internal and external colleagues and partners on any device without barriers,” said David Mario Smith, Research...
10M-Record Cyberattack Reported by NY Health Insurer
Another massive health insurer data breach has been discovered; one which has potentially affected up to ten million health plan members. Excellus BlueCross BlueShield, a health insurer based in Western New York, along with its affiliates – Lifetime Healthcare Companies, Lifetime Benefit Solutions, Lifetime Health Medical Group, Lifetime Care, Univera Healthcare, and the MedAmerica Companies – have all reportedly been affected. Data Access was First Gained in 2013 The data breach was discovered on August 5, 2015. An investigation was immediately launched, which revealed that as many as ten million individuals had been affected, with the hackers having first gained access to the data more than 18 months ago. Access to the confidential data of plan members is believed to have been first gained on December 23, 2013, giving the perpetrators plenty of time to use the data. However, even though the data was potentially stolen such a long time ago, according to the insurer, no evidence of inappropriate use has so far been discovered. High Risk of Identity Theft and Insurance...
OCR HIPAA Compliance Audits to Commence in 2016
The new Deputy Director for Information Privacy at the Department of Health and Human Services’ Office for Civil Rights has been adjusting to life at the OCR since her appointment earlier this year, but until now she has not given an interview to the news media. However, she recently gave an exclusive interview to the Security Media Group, in which she cast some light on planned OCR activities, including the upcoming HIPAA compliance audits. Deven McGraw Gives First News Media Interview McGraw spoke with HealthcareInfoSecurity’s Executive Editor, Marianne Kolbasuk McGee, and was quizzed on OCR enforcement activities, current and future OCR initiatives, and was asked the question that is on everyone’s lips at the moment: When will the HIPAA compliance audits take place? A Shortage of Resources has been McGraw’s Biggest Challenge The program of random HIPAA audits was penciled in for 2014; however the sheer scale of the job has caused problems. Audits take a considerable amount of time and resources, something which the OCR lacks. McGraw confirmed that the current...



