CyberSecurityBoard
Sponsor Register Login

Quest Diagnostics pays $5M for dumping patient data, waste The Register

Quest Diagnostics has agreed to pay almost $5 million to settle allegations it illegally dumped protected health information - and hazardous waste - at its facilities across California.
This sum won't hurt at all for the corporation, one of the largest clinical medical lab networks in the US. In all, Quest is being charged slightly less than two days of its $994 million annual profit in 2023 - hardly a serious disincentive.
Under the settlement [PDF], Quest will pay $3,999,500 to ten California counties, plus give $300,000 to environmental projects and an additional $700,000 to foot attorneys' fees and other costs.
It also agreed to hire an independent environmental auditor to review waste-disposal practices at its facilities, and improve processes for handling, storage, and disposal of medical and hazardous waste - as well as personal health information - at four laboratories and more than 600 patient service centers in California.
Quest takes patient privacy and the protection of the environment very seriously and has made significant investments to implement industry best practices to ensure hazardous waste, medical waste, and confidential patient information are disposed of properly.
These include investing in technologies for treatment of biological waste, secured destruction of patient information, programs to maximize recycling efforts and minimize waste-to-landfill disposal, waste-to-energy recovery of non-recyclable wastes, and enhanced waste audit and inspection measures to ensure continued compliance with applicable laws.
In total, the district attorneys' offices said they conducted more than 30 inspections of Quest labs and patient centers across California.
During those inspections, authorities dug through Quest's compactors and dumpsters, and said they found hundreds of containers of chemicals, as well as bleach, reagents, batteries, electronic waste, unredacted medical information, medical waste such as used specimen containers for blood and urine, and hazardous waste such as used batteries, solvents, and flammable liquids.
This waste and data disposal broke hazardous waste law, California's Medical Waste Management Act, unfair competition law, and civil laws prohibiting the unauthorized disclosure of personal health information, prosecutors argued in their court submissions [PDF].
While improperly dumping hazardous waste can have terrible human health and environmental consequences, leaving people's personal records in places where identity thieves can pilfer them - even if they have to wade through bio-waste to get it - isn't particularly ideal, either.
It's bad enough that ransomware crews and other criminals are hitting healthcare facilities to steal protected health records, which can be extremely damaging to patients and organizations.


This Cyber News was published on go.theregister.com. Publication date: Fri, 16 Feb 2024 01:43:06 +0000


Cyber News related to Quest Diagnostics pays $5M for dumping patient data, waste The Register

Quest Diagnostics pays $5M for dumping patient data, waste The Register - Quest Diagnostics has agreed to pay almost $5 million to settle allegations it illegally dumped protected health information - and hazardous waste - at its facilities across California. This sum won't hurt at all for the corporation, one of the ...
4 months ago Go.theregister.com
Cybersecurity in the Healthcare Industry: Protecting Patient Data - In the rapidly advancing era of technology, the healthcare industry faces a critical challenge: protecting patient data from cyber threats. This article will emphasize the significance of cybersecurity in the healthcare industry and explore the ...
5 months ago Securityzap.com
Future Health: AI's Impact on Personalised Care in 2024 - As we dive into the era of incorporating Artificial Intelligence into healthcare, the medical sector is poised for a profound transformation. AI holds immense potential in healthcare, offering groundbreaking advancements in diagnostics, personalised ...
6 months ago Cysecurity.news
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
6 years ago
Hospitals Must Treat Patient Data and Health With Equal Care - COMMENTARY. Hospitals are in the crosshairs: As collectors of some of the most personal and sensitive data available, hospitals are a prime target for hackers and cyberattacks. Patient data needs to be treated with as much care and sensitivity as the ...
5 months ago Darkreading.com
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
What we learned over coffee at the year's biggest healthcare event - Healthcare organizations are dedicated to providing exceptional care, prioritizing the patient's satisfaction and experience through a patient-centered approach. This approach ensures patients are firmly at the center of their care and engaged in ...
1 month ago Feedpress.me
Cyberattackers Target Nuclear Waste Company via LinkedIn - Last week, a group of hackers targeted Radioactive Waste Management, a UK government-owned company behind the country's multibllion-dollar Geological Disposal Facility nuclear waste-storage project, using social engineering and LinkedIn. RWM merged ...
6 months ago Darkreading.com
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
1 month ago Tenable.com
In Other News: US Ransomware Attacks, 23andMe Blames Victims, Nuclear Waste Hacking Attempt - SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. Each week, we will curate and present a collection of noteworthy developments, ranging from ...
6 months ago Securityweek.com
How to be more sustainable during the holidays - As a member of the Cisco Chief Sustainability Office, I am deeply invested in our planet and hope to help educate others on various topics surrounding environmental sustainability. Switch to LED lights: Decorating with lights is popular this time of ...
7 months ago Feedpress.me
Biodegradable Technology: Sustainable Innovations - Biodegradable technology has a significant impact on our environment, but there is a shocking truth behind its implications. Biodegradable technology has transformed sustainability practices by challenging conventional manufacturing methods and ...
3 months ago Securityzap.com
Poking holes in Google products bagged bug hunters $10M The Register - Google awarded $10 million to 632 bug hunters last year through its vulnerability reward programs. The web goliath's 2023 total represents a slight dip compared to the $12 million in bounties it paid the previous year. Hopefully this means ...
3 months ago Go.theregister.com
How to securely recycle enterprise computers - Disposing of devices in a sustainable manner, while also safeguarding sensitive data, is a dual challenge that many organizations face today. If the old computer was not encrypted, someone can simply go dumpster diving and retrieve it to gain access ...
5 months ago Techtarget.com
Green Technology Innovations: Sustainable Solutions - Unveil the reality behind green technology innovations by exploring the realm of sustainable solutions. Green technology presents a wide array of sustainable innovations, such as solar panels and wind turbines, offering eco-friendly solutions to our ...
3 months ago Securityzap.com
Claroty Team82: 63% of Known Exploited Vulnerabilities Tracked by CISA Are on Healthcare Organization Networks - PRESS RELEASE. NEW YORK and ORLANDO, Fla., March 12, 2024/PRNewswire/ -Claroty, the cyber-physical systems protection company, released today at the annual HIMSS24 conference a new report that uncovered concerning data about the security of medical ...
3 months ago Darkreading.com
Building a Sustainable Data Ecosystem - Finally, I outline future research and policy refinement directions, advocating for a collaborative and responsible approach to building a sustainable data ecosystem in generative AI. In recent years, generative AI has emerged as a transformative ...
3 months ago Feeds.dzone.com
Innovative Legal Move Restores Hospital's Stolen Information - There has been a handover of patient data stolen by the notorious LockBit gang from a cloud computing company to a New York hospital alliance that is partnered with that company. There was a lawsuit filed by the North Star Health Alliance - a group ...
5 months ago Cysecurity.news
Decoding the data dilemma: Strategies for effective data deletion in the age of AI - Businesses today have a tremendous opportunity to use data in new ways, but they must also look at what data they keep and how they use it to avoid potential legal issues. Forrester predicts a doubling of unstructured data in 2024, driven in part by ...
3 months ago Venturebeat.com
CVE-2006-3089 - Multiple cross-site scripting (XSS) vulnerabilities in PhpMyFactures 1.0, and possibly 1.2 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) prefixe_dossier parameter in (a) /inc/header.php; (2) msg parameter in ...
5 years ago
CVE-2024-26706 - In the Linux kernel, the following vulnerability has been resolved: parisc: Fix random data corruption from exception handler The current exception handler implementation, which assists when accessing user space memory, may exhibit random data ...
3 months ago Tenable.com
Aim for a modern data security approach - Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline. Why current data ...
6 months ago Helpnetsecurity.com
Changing How Healthcare Works: Big News in Communication - In a pivotal transformation within the healthcare industry, a prominent shift is currently unfolding. Direct Secure Messaging has emerged as a game-changer, modernising the way vital information is shared among healthcare providers, pharmacies, and ...
4 months ago Cysecurity.news
Why healthcare data is often the target of ransomware attacks - Healthcare data in recent years has been a very lucrative target for cyberattacks, particularly ransomware, with attackers holding healthcare information, and potentially patient lives, for ransom. Cybercriminals are increasingly focusing on ...
1 month ago Techtarget.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)