Sony: Employee Health Information May Have Been Compromised

Sony Pictures Entertainment has sent a letter to employees warning them that, along with huge amounts of corporate and employee information, some personal health data belonging to SPE employees may also have been compromised in the attack that hit the company in late November.

An Idaho non-profit hospice has been fined $50,000 for losing a laptop containing unencrypted data on 441 patients.The laptop was stolen in February 2011 from a hospice worker’s car and never retrieved, according to news accounts. But Hospice of North Idaho officials say there is no evidence the personal information has been used to commit identity theft or fraud.

UPDATE – Some 4,000 University of Michigan Health Systems patients had their medical data compromised last month when a vendor’s laptop containing medication log files was stolen from a vehicle.That medication management provider, Mountain View, Calif.-based Omnicell, admits it violated both its own and UMHS hospitals’ data storage policies when it left patients’ demographics, medication regimes and admissions records on an unsecured device that was stolen from an Omnicell employee’s car on Nov. 14.

The University of Arkansas for Medical Sciences is letting some 1,500 patients know their information was kept without permission by a resident physician after she was terminated.The health care facility plans to mail impacted patients who had surgery or were seen by a neurosurgeon from January to June 2010. Some patient data included name, address, date of birth, medical record number and date of service. Others also included more sensitive information such as diagnoses, medications, surgical and other procedure names, and lab results.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.