Monthly Archives: December 2009

Texas to Destroy 5.3 Million Illegally Obtained Blood Samples

As part of the settlement of a federal court action, the State of Texas has agreed to destroy more than 5 million blood samples taken from babies without parental consent and stored indefinitely for the purpose of scientific research.  The Texas Department of State Health Services announced earlier this week that it would destroy the samples in connection with the settlement of a federal lawsuit filed in March 2009 by the Texas Civil Rights Project on behalf of five parents of children whose blood was being held for use in research without their consent.… More

Incidents of the Week: Iranian Cyber Army Targets Twitter & $26 Software Application Intercepts U.S. Military Satelite Feeds In Iraq

1.  Iranian Cyber Army Puts Twitter On Hold

Around 10 pm last night, popular social networking site Twitter, was apparently hacked by a group calling themselves the Iranian Cyber Army.  Iran and Twitter have had a rocky relationship since last summer when Iranian citizens spread the protests over Iranian elections to the popular web site.  During that time, links circulated on Twitter that allowed users to participate in DoS (Denial of Service) attacks on Iranian government websites. … More

Is Tougher HIPAA Enforcement Finally On Its Way?

It has been well over a decade since the passage of HIPAA in 1996. HIPAA has caused many changes in the way the business of health care works, including going a long way to create the position of “health information professional.” One area where HIPAA has, as yet, had little impact has been in enforcement. The history of enforcement of HIPAA’s privacy and security rules has been slim and almost none. The changes in behavior that have occurred have been done out of a desire to follow the law,… More

HIPAA Breach Notification Made Simple — Just Fill in the Blanks

The Department of Health and Human Services’ Office of Civil Rights (“OCR”) has tried to make a HIPAA security breach easy to report, with its newly-released online “Notice to the Secretary of HHS of Breach of Unsecured Protected Health Information.” 

The online form is straightforward, featuring pull-down options tied to the new HITECH rules:  it will let you report whether your breach is for more than 500 individuals (or fewer than that),… More

Incident of the Week: Hack of Researchers’ Email Triggers “Climategate”

Compared to security breaches that involve credit card and bank account information, other breaches in security often get somewhat shortchanged in the media, notwithstanding the occasional hack of a celebrity cell phone. The same cannot be said of the purloined emails one hacker posted online that are alleged to the the back and forth between climate change researchers at the University of East Anglia in the United Kingdom which are at the center of new controversy in public debate over climate change.