Tag Archives: Theodore J. Kobus III

Massachusetts Attorney General Settles Enforcement Action for $750,000

In June, 2010, South Shore Hospital announced on its website that unencrypted back-up tapes containing patient information went missing and were believed to have been discarded at a dump. Reports state that this incident involved 473 tapes which contained information about 800,000 patients, including names, social security numbers, account numbers, and medical diagnoses. On May … Continue Reading

HHS Settles HIPAA Violations Related to a Breach for $1.5M

By Theodore J. Kobus III on March 15, 2012 Posted in Data Breaches, Enforcement, HIPAA/HITECH, Medical Privacy

BlueCross BlueShield of Tennessee (BCBST) was the victim of a theft in 2009 when an intruder stole 57 hard drives which contained protected health information (PHI) of more than 1 million customers. The information on the hard drives included names, Social Security Numbers, diagnosis codes, dates of birth, and health plan identification numbers. Reports suggest … Continue Reading

Privacy and Data Breach Regulatory Activity–A Year in Review

By Theodore J. Kobus III on December 29, 2011 Posted in Breach Notification, Data Breach Notification Laws, Data Breaches, Enforcement, HIPAA/HITECH, Identity Theft, Information Security, Medical Privacy, Online Privacy, Payment Card Industry

While plaintiffs continue to face an uphill battle proving damages in privacy litigation – regulatory actions and investigations seem to be increasing. During 2011, we saw activity from many government agencies—both state and federal—including the Federal Trade Commission (FTC), Department of Education (DOE), Department of Health and Human Services (HHS) Office for Civil Rights (OCR), … Continue Reading

Data Breach Response: A Year in Review

By Theodore J. Kobus III on December 27, 2011 Posted in Breach Notification, Data Breach Notification Laws, Data Breaches

In 2011, we saw some of the most significant data breaches in U.S. history. There are a plethora of causes—ranging from hackers to employee error to criminals using sophisticated malware. Notification letters are being sent so frequently, consumers are almost becoming immune to the daily announcements that personal information has been breached. Still, corporations facing data … Continue Reading

After the Data Breach: What Do Regulators Expect and What Can I do to Prepare?

By Theodore J. Kobus III on September 21, 2011 Posted in Data Breaches

Today is very exciting for me. It is my first day at Baker Hostetler as National Co-Leader of the Privacy, Security and Social Media Team. And, it is also my first contribution to Data Privacy Monitor. Not only am I joining a solid privacy team that is supported by a large platform, I now have an opportunity … Continue Reading