Just saw, via Bruce Schneier’s great security blog, a very interesting case discussing the Gramm-Leach-Bliley obligations of a financial institution to provide security regarding customer financial information. If you don’t know, GLB is in many ways the financial institution analog to HIPAA. In any event, an employee of a Student Loan company had a bunch of applicant financial information on his home laptop computer (the employee telecommuted). The house was burgled, the laptop stolen and never recovered. There was never any evidence that any of the information on the laptop was used for untoward purposes, and because of the way the employee worked at home, there was no way to know whose information was on the computer at the time it was stolen anyway. But the company notified all applicants that their information might’ve been compromised. Even though he had suffered no damages, one applicant sued. The court threw out the suit.
This obviously has implications for the Providence case.
[Via HIPAA Blog]
Related posts:
- New Inspiron 9400 Laptop
- HIPAA audit: The 42 questions HHS might ask
- EFS on SBS2K3 & WinXP
- The business of trust
- Outlook-Exchange access from XP Home
Related posts brought to you by Yet Another Related Posts Plugin.
0 responses so far ↓
There are no comments yet...Kick things off by filling out the form below.
Leave a Comment