Sep 302015
 September 30, 2015  Posted by  Breaches, Non-U.S.

 Simoney Kyriakou reports:

Fos [Financial Ombudsman Service] has claimed that more data protection breaches are coming across its radar, where providers have disclosed personal and sensitive financial information.

According to Fos, one complaint involved a mortgage lender providing personal financial information about its client, Mr H, to his partner – who promptly left him when she found out he had debt problems.

The case study said that Mr H lived with his partner, Miss A, and their children. The mortgage on their house was in Mr H’s name. He had been having problems keeping up with his repayments for some time, but had not told Miss A.

The study said: “Worried that their home would be repossessed, Mr H asked Miss A if she could make a repayment. Mr H called the mortgage company to make the payment, and Miss A gave her payment details over the phone. During the call, the mortgage company told Miss A the account was significantly in arrears and by how much.

“A few days later Miss A left Mr H and moved away with their children.

Read more on FT Adviser.

Sep 302015
 September 30, 2015  Posted by  Healthcare

From a newly released GAO report:

Representatives from the 18 nonfederal initiatives GAO reviewed described a variety of efforts they are undertaking to achieve or facilitate electronic health record (EHR) interoperability, but most of these initiatives remain works in progress. EHR interoperability is the ability of systems to exchange electronic health information with other systems and process the information without special effort by the user, such as a health care provider. These initiatives’ efforts include creating guidance related to health data standards, encouraging the adoption of certain health data standards or policies that facilitate interoperability, and operating networks that connect EHR systems to enable interoperability. The initiatives varied in a number of other ways, including the types of electronic systems the initiatives are working to make interoperable, the cost of their products or services, the geographic area served, patient use of the products or services, and their organizational structures. For example, GAO found that while some initiatives are making their products or services available at no cost, others are charging a fee for their products or services based on the type of entity using the product or service (e.g., individual physician or hospital) or the amount of data exchanged. Similarly, over half of the initiatives were using varying approaches to facilitate patient access to and control over their health information. The majority of the initiatives GAO selected are still in the process of developing, or encouraging others to adopt, their products or services. Most of the initiatives’ products or services were not widely available at the time of GAO’s review, but initiative representatives anticipated greater availability of their products or services in the next 2 years.

Stakeholders and initiative representatives GAO interviewed described five key challenges to achieving EHR interoperability, which are consistent with challenges described in past GAO work. Specifically, the challenges they described are (1) insufficiencies in health data standards, (2) variation in state privacy rules, (3) accurately matching patients’ health records, (4) costs associated with interoperability, and (5) the need for governance and trust among entities, such as agreements to facilitate the sharing of information among all participants in an initiative. Representatives from the 18 initiatives GAO reviewed said they are working to address these key challenges using different approaches. Each key challenge is in the process of being addressed by some initiatives. To move interoperability forward, initiative representatives noted, among other issues, that providers need to see an EHR system as a valuable tool for improving clinical care.

The Department of Health and Human Services provided technical comments on a draft of this report, which GAO incorporated as appropriate.

ELECTRONIC HEALTH RECORDS: Nonfederal Efforts to Help Achieve Health Information Interoperability
GAO-15-817: Published: Sep 16, 2015. Publicly Released: Sep 29, 2015.

Sep 302015
 September 30, 2015  Posted by  Breaches, Court, U.S., Workplace

Mary Shanklin reports:

A Texas woman has filed a lawsuit against SeaWorld Parks & Entertainment Inc., the Orlando Sentinel and several other defendants for disseminating what she claims is a wiretapped phone conversation.

The complaint filed in Orange County, Texas, states that SeaWorld in 2010 purchased a video recording of a “personal and sensitive” phone conversation between the unidentified Texas woman and her lifelong friend John Hargrove.

At the time, Hargrove was a SeaWorld employee.

Read more on Orlando Sentinel.