ADA Kiosk – National Council on Disability Issues Report on Technology

The National Council on Disability (NCD) has issued a report on measures to ensure access to information and communication technologies for people with disabilities. The document provides recommendations to the President, Congress, and federal agencies, as well as to the technology industry, the private sector, and state and local governments. NCD provided a briefing on the report at the Capitol on October 7 with representatives from industry, disability groups, and federal agencies, including the Access Board.

ADA kiosk
Spastic young man with infantile cerebral palsy caused by a complicated birth sitting in a multifunctional wheelchair using a computer with a wireless headset reaching out to touch the touch screen

“In today’s world, technological equality for persons with disabilities is a social justice issue,” stated NCD Chair Clyde Terry. “To be truly accessible, technological inclusion must be built in from the ground up with every user in mind. Anything else is a step backwards. Anything less creates second class citizens.”

Each year, NCD submits a report to the President and Congress outlining recommendations on new and emerging issues affecting people with disabilities. NCD devoted this year’s report to technology because of its dominant role in everyday life and its potential to transform society and opportunities for people with disabilities. The report explores how technology can contribute to the lives of people with disabilities in education, employment, health and well-being, and independent living. It also identifies common barriers to accessibility, as well as emerging technologies and innovations, and provides recommendations on policies and practices to promote inclusive technology.

The report urges Congress to establish a “Technology Bill of Rights for People with Disabilities” that sets forth principles for any future technology legislation and ensures fair and equal access to technology. It recommends steps that Congress and federal agencies can take to promote inclusive technology and urges the Access Board and the Department of Justice to finalize outstanding rules on technology accessibility. (The Access Board, as noted above, recently submitted for executive clearance a final rule updating its requirements for information and communication technology covered by Section 508 and the Communications Act). In addition, NCD calls upon industry to follow the Web Content Accessibility Guidelines when designing websites and web-based technologies and to invest in research and development of accessible technology.

The report also outlines steps private and public sector entities can take to procure inclusive technology. The report and related information is available on NCD’s website. NCD is an independent federal agency charged with advising the President, Congress, and other federal agencies regarding policies, programs, practices, and procedures that affect people with disabilities.

The 10 Most Common HIPAA Violations | Electronic Medical Records

Good list of 10 most common violations.


  1. Failure to adhere to the authorization expiration date. If an expiration date is set by the patient, confidential records cannot be released after that date. Most Practice Management Systems (PMS) provide for locks or alerts when the expiry date has passed; just turning that feature on may be a quick fix.
  2. Failure to promptly release information to patients. A patient has the right to receive electronic copies of medical records on demand.
  3. Improper disposal of patient records. Patient records must be shredded before disposal or electronic records wiped from any systems that may have contained it.
  4. Insider snooping. No one, including family members and co-workers, can access a patient’s medical records without proper authorization. Password protection, tracking systems and clearance levels must be utilized to prevent unauthorized access. Even basic network setups provide for much of these safeguards if they’re set up properly.
  5. Missing patient signature. HIPAA forms must include the patient’s signature to be valid. If you set these forms up electronically, which many PMS’ allow you to do then these fields can be required before the form is accepted by the system.
  6. Releasing information to an undesignated party. Only the person(s) listed on the authorization form may receive patient information.
  7. Releasing unauthorized health information. A patient has the right to release only part(s) of their medical record. Any part of the medical record that has not been authorized by the patient cannot be released.
  8. Releasing the wrong patient’s information. Controls must be in place to avoid releasing information for the wrong patient. This often occurs when patients have the same or similar name.
  9. Right to revoke clause. All forms signed by the patient must include a Right to Revoke clause or the form is invalid.
  10. Unprotected storage of private health information. Private patient information cannot be stored on unprotected devices such as smartphones, laptops, thumbnail drives or any other unprotected mobile or portable device.

Miami University to Overhaul Critical Technologies

The Justice Department announced that it filed a joint motion today for entry of a

Ada kiosk
ADA Kiosk

consent decree to resolve allegations that Miami University violated the Americans with Disabilities Act (ADA). Under the proposed consent decree, Miami will make significant improvements to ensure that technologies across all of its campuses are accessible to individuals with disabilities and will pay $25,000.00 to compensate individuals with disabilities. The decree also requires reforms to Miami University’s technology procurement practices. These improvements will benefit all future Miami University students with disabilities.

For more information or for a copy of the consent decree, please visit our ADA website at Those interested in finding out more about the ADA may also call the Justice Department’s toll-free ADA Information Line at 1-800-514-0301 or 1-800-514-0383 (TDD).

The Democratization of Censorship — Krebs on Security

To address the threat from the mass-proliferation of hardware devices such as Internet routers, DVRs and IP cameras that ship with default-insecure settings, we probably need an industry security association, with published standards that all members adhere to and are audited against periodically.Click here to edit the content


that attack was launched by a botnet consisting of more than 145,000 compromised IP cameras and DVRs.

Section 508 Best Practices Webinar: Introduction to the three A’s: Accessibility, Assistive Technology and Accommodation

(September 27)

The next webinar in the Section 508 Best Practices Webinar Series will take place September 27 from 1:00 to 2:30 (ET) and will cover accessibility to electronic and information technology, assistive technologies, and reasonable accommodations. Presenters will explain each of these approaches to making covered technologies usable by people with disabilities and the relationship and differences between them. For more details or to register for this free webinar, visit Registration closes 24 hours before the start of the session.

The Section 508 Best Practices Webinar Series provides helpful information and best practices for federal agencies in meeting their obligations under Section 508 of the Rehabilitation Act which ensures access to electronic and information technology in the federal sector. This webinar series is made available by the Accessibility Community of Practice of the CIO Council in partnership with the U.S. Access Board.

Section 508 Best Practices: Introduction to the three A’s: Accessibility, Assistive Technology and Accommodation
September 27, 2016, 1:00- 2:30 (ET)       Add to Calendar
• Alexander Koudry, MS, ATP, PMP, RET; Director, Center for Information Technology Access, General Services Administration
• Timothy P. Creagan, Senior Accessibility Specialist, U.S. Access Board (moderator)

Note: Registration closes 24 hours before the start of the session. Instructions for accessing the webinar on the day of the session will be sent via email to registered individuals in advance of the session. Communication Access Realtime Translation (CART) and Video Sign Language Interpreters are available for each session and will be broadcast via the webinar platform. A telephone option (not toll-free) for receiving audio is also available.

Secret Service Warns of ‘Periscope’ Skimmers — Krebs on Security

The U.S. Secret Service is warning banks and ATM owners about a new technological advance in cash machine skimming known as “periscope skimming,” which involves a specialized skimming probe that connects directly to the ATM’s internal circuit board to steal card data.Click here to edit the content


According to a non-public alert released to bank industry sources by a financial crimes task force in Connecticut, this is thought to be the first time periscope skimming devices have been detected in the United States.


The task force warned that the devices may have the capability to remain powered within the ATM for up to 14 days and can store up to 32,000 card numbers before exhausting the skimmer’s battery strength and data storage capacity.


Advocates for the Blind Sue Over Wi-Fi Kiosks

New York City’s public Wi-Fi kiosks aren’t sufficiently accessible to blind people, according to claims made in a lawsuit filed Thursday by attorneys representing advocates for the disabled.


The kiosks include Braille labels next to a 911 button and a headphone jack. The kiosk’s touch-screen tablet is also at a level so that those in a wheelchair are able to use it, according to a CityBridge spokesman.




Mindy Jacobsen, a 65-year-old Brooklyn resident, is one of three blind residents suing the city. Last week, Ms. Jacobsen, who teaches technology courses in Manhattan, said she plugged her headphones into a kiosk on Eighth Avenue, hoping to use it for directions. But the maps feature was on the touch screen, which Ms. Jacobsen couldn’t use.


A 911 call can only be placed when an on-screen prompt is pressed.



Danbury area grapples with ADA

Most people know that the Americans with Disabilities Act requires many institutions, including governments, to install curb cuts, wheelchair ramps and handicapped parking spaces. Approved by Congress in 1990 and updated in 2010, the ADA aims to provide equal access to those with a wide range of disabilities. Under the ADA, every municipality is required to have a compliance officer responsible for staying current with regulations and handling requests and complaints from disabled residents. Tony Phillips, Ridgefield’s director of social services, doubles as ADA compliance officer, a common arrangement in smaller towns. “It’s really unfortunate that it took an act of Congress to force municipalities to be inclusive and allow people with physical challenges into their business and civic activities,” Knickerbocker said. Ridgefield also plans to add wheelchair-friendly walkways from the high school to the visitors’ bleachers at a nearby athletic field — an amenity that wasn’t considered when the bleachers were designed and installed. The town is also buying a special cart for the town-owned golf course that raises handicapped players to a standing position so they can swing a club.


OHSU pays nearly $3 million over two data breaches in 2013

The university has signed an agreement with the U.S. Department of Health and Human Services to pay $2.7 million and carry out a three-year corrective plan over two breaches in 2013 that involved more than 7,000 patients.


From HISTALK – Oregon Health & Science University will pay $2.7 million to settle charges stemming from two 2013 data breaches involving 7,000 patients, one the theft of a surgeon’s unencrypted laptop from his vacation home and the other caused by medical residents who stored patient information in cloud-based Google Docs. That’s a big penalty considering there’s no proof anyone actually saw or used the patient information.

U.S. Access Board Holds July Meeting

The U.S. Access Board recently convened for its July meeting. On July 11 and 12, Board members met in committee to advance agency rulemaking, review agency programs and operations, and attend presentations on various subjects. They also held meetings with several organizations as part of an agency outreach initiative. At the full meeting of the Board on July 13, which was streamed live, members received reports on these activities and a new member to the Board was sworn in.

New Board Member

Board member Shelley Siegel, FASID and Board Chair Sue Swenson
Shelley Siegel, FASID (right) with Access Board Chair Sue Swenson

Board members welcomed Shelley Siegel, FASID of Lake Worth, Florida to their ranks. Siegel, who was appointed to the Board by President Obama in May, was sworn in by Board Chair Sue Swenson. Siegel is the founder and president of Universal Design and Education Network, an interior design firm that specializes in universal design in residential and commercial projects. She has also been consulting designer of the Siegel Design Group, Inc. since 1972 and is a Fellow of the American Society of Interior Designers (ASID) and a member of the Design Alliance for Accessible Sustainable Environments.

Board Rulemaking

The Board is taking steps to conclude rulemaking in several areas, including new or updated accessibility guidelines and standards for information and communication technology (ICT), transportation vehicles, public rights-of-way, and medical diagnostic equipment.

ICT Refresh

The Board is working to complete a final rule to refresh its accessibility requirements for ICT covered by Section 508 of the Rehabilitation Act and Section 255 of the Communications Act. The Board has finalized the text of the rule and is in the process of completing a companion discussion of the rule, referred to as the “preamble,” and the necessary cost-benefit analysis or “regulatory assessment.” During the July meeting, the Board heard a progress report on the regulatory assessment from its contractor. The Board is scheduled to vote on the full package later this summer and will then submit it to the Office of Management and Budget (OMB) for review. Once the rule is cleared by OMB, it will be published in the Federal Register and posted on the Board’s website.

Update of ADA Accessibility Guidelines for Buses and Vans

Rulemaking is underway to update the Board’s ADA Accessibility Guidelines for Transportation Vehicles. In May, the Board completed work on a final rule that updates guidelines for buses and vans which is currently under review by OMB. The Board will publish the rule once cleared by OMB and will then proceed with rulemaking to update portions of the vehicles guidelines covering rail cars according to recommendations it received from an advisory panel it chartered, the Rail Vehicles Access Advisory Committee, which submitted its report to the Board last year.

Medical Diagnostic Equipment Standards

Under the Affordable Care Act, the Board is developing new standards for medical diagnostic equipment, including examination tables and chairs, weight scales, radiological equipment, and mammography equipment. The Board is working to complete the final rule, including the preamble and regulatory assessment, for OMB’s review.

Guidelines for Public Rights-of-Way and Shared-Use Paths

The Board also is completing work on new guidelines that will address access to public streets and sidewalks and shared-use paths. The text of the guidelines has been finalized, and the Board is preparing the preamble and regulatory assessment.


The Board often invites guest speakers to its meetings to present information on various topics, including accessibility initiatives, new access challenges or “frontier issues,” innovative technologies or product solutions, and research results. At the July meeting, members received a presentation by Michele Erwin, the founder and president of All Wheels Up, Inc. an advocacy organization for improved accessibility aboard airplanes. The organization is promoting development and testing of restraint systems to accommodate wheelchairs aboard planes so that users do not have to transfer to boarding chairs and airplane seats.

In addition, Seanna Kringen, a Research Associate with Beneficial Designs, briefed the Board on new standards for accessible fitness equipment developed by the American Society for Testing and Materials (ASTM) and the Rehabilitation Engineering and Assistive Technology Society of North America (RESNA). She was joined by Ryan Eder, Founder & Chief Executive Officer of IncludeFitness Inc., who demonstrated examples of accessible fitness equipment developed in accordance with the new ASTM standards.

Outreach to Agencies and Organizations

Laptop with BoardBoard members and staff touring ASID’s new offices in Washington, D.C.
Board members and staff tour ASID’s new offices in Washington, D.C.


Over the past year, Board members have visited various agencies and organizations to learn more about their work and areas of mutual interest and to share information on Board resources, services, and initiatives. These discussion also have explored potential partnerships in publicizing the work of the Board, conducting trainings and webinars jointly, and promoting research. In July, Board members met with representatives of ASID, the American Institute of Architects, the American Public Transportation Association, and the Information Technology Industry Council. Board members previously visited the Department of Health and Human Services, the American Hotel & Lodging Association, the National Association of Counties, the National Restaurant Association, and others.

Next Board Meeting

The Board meets every two months. The next Board and committee meetings will take place September 12 – 14. Subscribe to Board news to receive updates on upcoming meetings and other Board events and activities.

Twitter Locks 32 Million Accounts After Breach

Twitter locked millions of user accounts in response to password leak.


It was reported that the login credentials of more than 32 million Twitter users were compromised. According to LeakedSource, which indexes hacked credentials from data breaches, the credentials are being traded on the Dark Web for about 10 bitcoin a pop or a little under $6,000.


LeakedSource goes on to note that passwords are stored as plain text files, and many seem to be attached to Russian users. That detail indicates that the passwords were stolen from users, as opposed to through a hack into Twitter’s central systems.

In response to the leak, Twitter quickly initiated forced resets for many of its users.


As Fortune reported, Twitter remains adamant that its systems were not breached. But either way, the validity of many of the credentials led the company to react by locking down a number of accounts until the owners manually reset their passwords.

Wendy’s Admits Data Breach Much Worse Than Previously Reported

Wendy’s Admits Data Breach Much Worse Than Previously Reported

Click here to edit the content


Wendy’s announced the number of stores affected in a recent data breach is “considerably higher” than the previously reported 300 stores.


Initially, the fast food chain discovered malware on its POS system at 5% of its franchisee-owned locations. However, they have recently uncovered a variant of the first malware.

“The attackers used a remote access tool to target a point-of-sale system that, as of the May 11th announcement, the Company believed had not been affected. This malware has been discovered on some franchise restaurants’ POS systems, and the number of franchise restaurants impacted by these cybersecurity attacks is now expected to be considerably higher than the 300 restaurants already implicated,” the restaurant said in its press release.


The release said the company has disabled the malware “on all franchise restaurants where it has been discovered” and it “continues to work aggressively with its experts and federal law enforcement to continue its investigation.”


Both security expert Brian Krebs and the National Association of Federal Credit Unions have accused Wendy’s of minimizing the issue, and have said the breach could be larger than the ones that affected Target(40 million customers) and Home Depot (56 million customers).

DOJ has launched a new Accessible Technology section for, its Americans with Disabilities Act (ADA) Web site

To further assist covered entities and people with disabilities to understand how the ADA applies to certain technologies, such as Web sites, electronic book readers, online courses, and point-of-sale devices. 


Covered entities have longstanding obligations to make their programs, goods, services, and activities accessible—including those they provide online or via other technology.  The new Web pages compile in one place the Department’s technical assistance and guidance about accessible technology, as well as information about the Department’s accessible technology enforcement efforts, regulation development, and other federal accessible technology resources and initiatives.