The Health sector is a perfect storm of a poor privacy culture, high staff turnover, inadequate training for professionals resistant to perceived outside interference, ineffective regulation and highly sensitive personal information of patients.  It is little wonder that data breaches and privacy invasive practices in the health sectory are chronic problems. On 12 November two Dutch Hospitals reportedly stopped using a Belgium laboratory for pre natal testing when they found it was using the personal information for commercial marketing.   A California health plan had a data breach in October while in Florida Read the rest of this entry »

Ransomware is a chronic problem, particularly in the health sector which is reliant on very sensitive records, including those of patients, and in a work environment which has a high turnover of staff and generally a poor privacy culture. Ransomware is almost invariably Read the rest of this entry »

Another day, another massive data breach. This time an Australian record with more than a million personal and medical records of people donating blood to the Australian Red Cross having their information exposed on line.

The Red Cross issued a fairly comprehensive statement which Read the rest of this entry »

The Federal Communications Commission (the “FCC”) has just passed new rules which will limit internet service providers in the United States selling on customer information and increases customers control over their personal information.  The announcement is Read the rest of this entry »

Today the Privacy Amendment (Notifiable Data Breaches) Bill 2016 was introduced and read for the first time.  Mandatory data breach notification laws have Read the rest of this entry »

Misuse of confidential information and regular data breaches has been a longstanding and systemic problem for the Victorian Police Force.  In the past two years I have posted on problems with the misuse of the LEAP database, which contains personal information of Victorians, here and here.  Police documents containing sensitive personal information were found in the possession of outlaw bikie gang members in 2013.

In his 2016 annual report Victorian Commissioner for Privacy and Data Security set out problems in the Victorian Police with data management.  There was a 36% increase in data security breaches over the previous year.  The Commissioner identified Read the rest of this entry »

Applications for injunctive relief are not uncommon in the commercial division of the superior courts.  In Hera Project Pty Ltd v Bisognin & Anor [2016] VSC 591 Justice McCaulay considered an application arising relating to a contract of sale of land.

FACTS

His Honour described the events leading up to this application was Read the rest of this entry »

The US Federal Communications Commission made an announcement on 6 October that it will setting down rules applying to internet service providers to protect privacy.  It will also be using its enforcement powers against internet service providers in a similar manner to the Federal Trade Commission.

As part of the announcement it highlighted the Read the rest of this entry »

The UK Information Commissioner has issued TalkTalk with a £400,000 fine for its failure to provide adequate security which resulted in the catastrophic data breach on TalkTak which occurred in October last year.  The ICO can issue a maximum of £500,000.

The breach resulted in personal data of 156,959 customers and the bank account details of Read the rest of this entry »

Yesterday in Pippa Middleton & anor v Person Unknown or Persons Unknown [2016] EWHC 2354 (QB)  Mrs Justice Whippie continued an injunction made on 24 September 2016 prohibiting the publication of photographs hacked from Pippa Middleton’s iCloud account.  The media reports that Read the rest of this entry »