BreachExchange mailing list archives
Medicare data breaches increase privacy fears
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Tue, 16 Mar 2010 02:17:05 -0400
http://www.theaustralian.com.au/australian-it/medicare-data-breaches-increase-privacy-fears/story-e6frgakx-1225841101367 MEDICARE Australia dealt with 234 serious data privacy breaches by employees in 2007-08, but 160 of these resulted in only an emailed warning or counselling. In the three years from November 2006 until December last year, 569 staff were identified as having "unauthorised access" to client records held by the agency. Contrary to recent Medicare claims that most of the unauthorised access related to staff accessing their own records, only 171 out of the 569 investigated were in that category. Medicare was yesterday forced to produce data breach statistics and details of sanctions to a senate inquiry, after disputing revelations in The Australian of staff snooping. Under the Healthcare Identifiers Bill, to be debated by the senate this week, Medicare will compulsorily assign unique, 16-digit patient identity numbers to all Australians, and operate a national identifier service to expand electronic communications right across the health sector. A Medicare spokesman said yesterday all potential cases of unauthorised access were investigated. "Where inappropriate access is identified, penalties are applied according to the seriousness of the breach," he said. "For instance, a person who has looked at their own record or a family member's record on the same card on one occasion may undergo counselling. More serious incidents are dealt with more severely, such as by termination of employment or by resignation. "This has occurred when someone has looked at multiple records, including those of family members, on a number of occasions without a business need." Medicare was committed "to upholding best privacy practice", he said. [..] _______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Medicare data breaches increase privacy fears Jake Kouns (Mar 17)