From the Information Commissioner’s Office: The ICO has fined a company for sending direct marketing emails to people who provided their personal data for contact tracing purposes. Tested.me Ltd (TML) of St Albans, provides digital contact tracing services which work by offering people a QR code to scan when arriving at businesses’ premises. The company…
Category: Healthcare
EPIC Urges HHS to Prioritize Patient Privacy in Modifications to HIPAA Privacy Rule
From EPIC.org: In comments to the Health and Human Services Department (HHS), EPIC opposed proposed changes to the HIPAA Privacy Rule reducing restrictions on disclosing patients’ Protected Health Information (PHI). HHS’s proposed rule would expand the entities that can receive PHI without patient consent, lower the standard for disclosing PHI in the process of care coordination, and…
UK: Hospital medic lost boxes of private patient data while conducting study without approval
Jonathan Humphries reports: A senior medic has been suspended after running a clinical trial using sensitive medical information without permission of his hospital. Miguel Martin Garcia, a band 8 physiotherapist at Liverpool Women’s Hospital, used patient consent forms headed with the trust’s branding and carted off boxes of patient records to a private practice. His decision…
Massachusetts AG Presses Pharmacies About Collection and Use of Vaccine Patient Data
From the good folks at EPIC.org: The Massachusetts Attorney General, following up on a letter from EPIC and a coalition of civil society groups, wrote to major pharmacies today seeking details about their collection and use of personal data from COVID-19 vaccine recipients. The federal government is coordinating with retail pharmacies to facilitate vaccine distribution. But as EPIC and coalition partners warned last…