You must log in or register to comment.
It’s a great example of why I push for the use of technologies where I don’t have to trust companies to play nice with my data. If I use (correctly implemented) end to end encryption then you physically can’t access my data.
Is it really a breach or a major fsckup that needs to be legally dealt with? Sounds more like an ‘oops! Shared everything’ that ‘evil hackers steal tons of PHI’
It’s really the latter, but the laws requiring notification are structured in a way that it’s considered a breach because the end result is the same for the individuals affected.
