...it seems inherently unfair that you should pay unlimited amounts of money to a third party because of something your vendor did, but then your recovery is limited by your contract. Yet another common carve out is an exclusion from the limitation of liability relating to your vendor’s breach of their (hopefully heavily negotiated) IT security and privacy obligations in the agreement. If your vendor suffers a data breach and your customer’s personally identifiable information winds up on the Internet, your vendor should be on the hook for the total amount of damages, not some arbitrarily capped amount. Cleaning up... Continue Reading
Search Results for data breach
Healthcare data breaches show 25% fraud risk: study
For healthcare institutions, that data breach can really cost. Javelin Strategy & Research has been tracking the cost of data breaches, including healthcare, for the past ten years. Using its data across all their industries tracked (data here), the threat of identity fraud as of 2012 is up to 1 in 4, from 1 in 9 in 2010. In commenting on the big breach last year at the Utah Department of Health (780,000 records, TTA 22 Dec), a Javelin spokesperson has made some news by estimating the additional fraud cost at $406 million–and that is in addition to the estimated... Continue Reading
EHR backlash brewing. But one day, you’ll mine the data
...the EHR business model–not with hundreds of practice EHRs fighting for miniscule share. Also HealthcareITNews. Related articles: Confusion, consolidation and collapse, More EHR misery: EHR payment cutoff, data breach, Revealed: Hospital EHRs lobbied for stimulus funding But no worries, at one point the mining of data–the analysis of ‘big data’ generated on patients–will come from those same EHRs. Privacy concerns of course but this data can be invaluable for research: quick clinical feedback, comparative effectiveness, clinical trials, epidemiology, social acceptance of medication and similar. John Sharp in iHealthBeat reviews Electronic Health Record Data Mining — Is It a Dirty Word?... Continue Reading
Kaiser health records kept in unsecured warehouse, private home
Kaiser Permanente may–or may not–have fully dodged a near-atomic data breach of over 300,000 patient records and more. A now-public dispute between Kaiser and a vendor which stored records for some of their Southern California hospitals has put Kaiser in the hot seat for its practices with both the California Department of Public Health and US Health and Human Services (HHS). This long-time vendor was sued by Kaiser initially for not returning all records after the contract ended, and for storing records in questionable circumstances including a shared warehouse storing party rental items and a Ford Mustang, plus other records... Continue Reading
Telecare Soapbox: Northern Ireland’s ‘unhappy first birthday’ approaches
...the long list? If it were, I think we would have seen more progress by now. Perhaps that is why TF3 decided to nudge the process along and had an article (advertorial?) published in April’s AgendaNI. AgendaNI describes itself as “Northern Ireland’s leading public policy magazine, reaching over 7000 key decision makers in government, business, voluntary and community sectors”. However, other bidders complained that this was indirect canvassing, which is a serious breach of procurement protocols. Following this, Tunstall and S3 seem to have rapidly pulled information about TF3 from their websites, but Fold, at the time of writing, still... Continue Reading
Most Recent Comments