eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
#hitech


I am shocked and confused by the sheer number of people who believe that the government can’t make a list of people with #autism because of HIPAA. Bruh WHAT?!?!

If you’ve received a prescription that would show up in the prescription drug monitoring database in your state, nothing prohibits them from giving that information to the federal government. But it sounds like he’s planning on getting that information directly from the pharmacies anyway. Why wouldn’t the pharmacy give the information to the government? They don’t care about us.

If you have Medicaid or Medicare or Tricare, the federal government has your records.

But even if not, an EO could eliminate HIPAA and who would stop it?

The hospital system I use (and the last three in NH that I have used) all have fine print in their privacy policy that says they can send your medical information to anyone they deem necessary. None of the fine print at my providers in California said this, but I haven’t lived there in 10 years, so maybe they do now.

When I see this and I object to it, they claim it’s no big deal, it’s just so that if they want to refer me to another medical practice they don’t have to ask me first, they can just send the records, and that’s good for me because then things happen faster.

Every time I’ve seen this in the fine print at a new doctor’s office I’ve had to go through all kinds of extra steps to make sure it’s on record that they are not to send my medical records anywhere without talking to me first.

#HIPAA isn’t real anymore and it hasn’t been for a really long time. Obama did #HITECH when we got EMRs, but the only provision from that I found useful was that I could request a printout (I think they called it an audit trail) of everyone who had accessed my electronic medical records, which could assure me that my ex-boyfriend wasn’t looking at my hospital records when he was in surgery there as an anesthesiologist.

Back in 2021 or 2022 JAMA published an article explaining that HIPAA won’t save you from getting arrested in a post-Roe country, but the last time I clicked on it, it wasn’t available anymore. It’s not what people think it is. It’s not going to save us.


@froge I agree. If this is just the beginning of a new campaign that addresses timely notification too. They have announced the campaign on risk assessment already and have already announced a few settlements over that. But there's been no formal announcement or press release about any campaign specifically targeting timely notification.

I haven't finished up our 2024 gap analyses between discovery of breaches and notifications, but too many do not or cannot comply with the regulation. And then there are all the entities that don't even report their breaches at all, and I wonder how we will get HHS OCR to address that unless I send them a massive watchdog complaint that lists about 150 regulated entities that didn't disclose breaches this past year when it appears that they did have reportable breaches.

Pacific Pulmonary Medical Group patient information dumped by Everest Ransomware Team

There is a LOT of #PII and #PHI in the tranche. Most of the #PII and #PHI are in .csv files that each cover a two-week period. There are .csv files like that for 2022, 2023, and up to the first week of October 2024, when Everest likely accessed and exfiltrated data.

So far, I haven't found any statement or notice from the provider or report to HHS, and they haven't yet replied to any inquiry submitted to them earlier today.

More details here: databreaches.net/2024/11/23/pa

Reading a book (2020) about #HR which explains carefully what “Web 2.0” is makes me wonder if
- HR folks are really perceived as not knowledgeable about what’s been going on on the internet for the last 10 years, OR
- is it my personal bias telling me it was truly old news when the book was last updated?

IDK. But I feel like the book thinks I’m stupid 🙄
#humanResources #hiTech #web20

When you don't know why you are being notified of a breach, Tuesday edition.

Back in March, I reported on a #ransomware attack on New York Plastic Surgical Group/Long Island Plastic Surgical Group. I would later help get one of the threat actors' storage sites taken down.

Fast forward to yesterday, when to our surprise, my husband received a breach notification letter from NYPSG. Neither one of us can recall him ever being a patient of theirs for anything.

[Had I known NYPSG had his data, I would have examined the data tranche more!]

Needless to say, we have questions....

databreaches.net/?p=113912

#HIPAA #databreach #incidentresponse #transparency #notification #HITECH

@brett @campuscodi @zackwhittaker


Change Healthcare submitted a breach notification to #HHS on July 19. They report the number of patients affected as "500" (a marker for "We have no friggin' idea how many and we'll get back to you at some date before the end of civilization maybe.").

They didn't comply with the "no later than 60 calendar days" requirement and I'm not sure what good a "500" report does anyone.