![]() ![]() ![]() Our facility is located close to Southeast Missouri State University, and just a half mile east from N Kingshighway St and Broadway St. And we are very much concerned with making sure patient info is kept confidential."įollow me on Twitter for more takes on finance, law, booze, cannabis and whatever else I'm thinking about.Ready to visit the nicest dispensary in Cape Girardeau? Our team of insightful budtenders at Bloom are excited to serve qualified patients the highest quality medical and recreational marijuana available. "Hopefully this will be a wakeup call for other dispensaries open in the state to work with their software vendors to make sure they are testing for vulnerabilities," McNamee said. Those actions could range anywhere from fines or other sanctions to revocation of state-awarded operating licenses.Īs of today, McNamee said the investigation is ongoing and Bloom has not been cited for any Ohio rule violations. The unlawful dissemination of data, including through a data breach, could be grounds for disciplinary actions. There's a general requirement for protecting information, putting the onus on marijuana businesses to work with their software vendors to keep data secure. Ohio laws governing marijuana dispensaries and customer data are more broad. The degree of penalties is ultimately based on the extent to which a HIPAA-covered organization was aware that HIPAA rules were violated. ![]() According to federal laws, the maximum civil penalty for knowingly violating HIPAA is $50,000 per violation, up to a maximum of $1.5 million per violation category per year. It's unclear to what extent HIPAA rules apply to marijuana dispensaries, McNamee said.īut if HIPAA-protected customer information was exposed, the company responsible for protecting those records could potentially face harsh penalties. Once we have identified any affected patients, we will notify each individual and follow all HIPAA breach notification requirements." In a company statement, Bloom has said: "We're working closely with our technology vendor to identify which, if any, Bloom Medicinal patients have been affected. According to vpnMentor: The leaked bucket contained so much data that it wasn't possible for us to examine all the records individually. That's just a portion of the total 85,000 files that were supposedly leaked, though. Those data purportedly include "scanned government and employee IDs, exposing personally identifiable information (PII) for over 30,000 individuals." 24, while working on a "large-scale web mapping project." They claimed to have identified an unsecured Amazon Simple Storage Service (S3) "bucket" that supposedly exposed a litany of customer data. According to the site, researchers discovered the alleged breach on Dec. The alleged data breach was first reported by online group vpnMentor. Headquartered in Florida, Bloom operates 12 dispensaries, three cultivation centers and two processing facilities across its footprint, according to its website. He added that regulators are currently unaware of other possible data leaks of patient information involving Ohio marijuana dispensaries.īloom operates five medical dispensaries in Ohio - the most one entity can operate in the state - in Akron, Columbus, Painesville Township, Maumee and Seven Mile in Butler County. Pharmacy board spokesman Cameron McNamee said that to the state's knowledge, Bloom is the only company in Ohio using that system. The Ohio Board of Pharmacy said it is working in conjunction with Bloom to investigate to what extent patient identities and other information may have been compromised in a supposed data breach of THSuite, a point-of-sales system used by Bloom and some other marijuana retailers. An alleged data breach at marijuana dispensary Bloom Medicinals, which runs five shops in Ohio, is raising questions about cybersecurity in the medical marijuana business - or the lack of it. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |