Loading
A co-conspirator who pleaded guilty in August 2012 to the 881-patient data breach that occurred more than two years ago at the Troy Regional Medical Center in Alabama was sentenced to 10 years in prison this week. The employee was Rhashema more »
The U.S. Department of Health and Human Services (HHS) and Office for Civil Rights (OCR) are working on a new HIPAA project for a population segment that needs to be reminded of its patient rights. HHS and OCR announced the more »
In light of news this week that Department of Health and Human Services (HHS) had released a resolution agreement for Idaho State University’s (ISU) 2011 health data breach, Office for Civil Rights (OCR) comments on HIPAA/HITECH compliance at the 6th Annual more »
Health IT security vendor news for the week of May 20-23 Axion Health offers HIPAA and NIST compliance: With recent news of the Omnibus Ruling for HIPAA, more organizations will likely pay closer attention to protecting personal health information (PHI) or more »
Cloud computing technology options continues to grow in number by the day for healthcare organizations and discerning what the best products and services are can be challenging. But regardless of what type of cloud technology an organization uses, having confidence more »
ID Experts, an IT services vendor that offers customers assistance with security and compliance projects, released a list of 10 data breach vulnerabilities today. While the items mainly revolve around what the experts considered general security weaknesses, a few certainly more »
The Department of Health and Human Services (HHS) released a resolution agreement yesterday for Idaho State University’s (ISU) HIPAA violations that date back to Aug. 9, 2011. Because ISU’s Pocatello Family Medicine Clinic exposed 17,500 patients’ data by disabling a firewall more »
As more EHR vendors create web-based and mobile interfaces for their products, the mobile market is further fragmented with applications that often weren’t meant for mobile. In response, many healthcare organizations are shunning the concept of EHR vendor websites and more »
The State of California Office of Health Information Integrity (CalOHII) is taking a unique approach to educating covered healthcare organizations and providers in the state about matters of patient consent and authorization for health information exchange. Dubbed the HIE Consent more »
There is more patient data exposure news from Buffalo, NY, as following the recent health data breach at DENT Neurologic Institute, the Erie County Comptroller’s office (headed by Stefan I. Mychajliw) reported that paper health records with protected health information more »
As the Sept. 23, 2013 compliance date for the HIPAA omnibus rule creeps closer, many healthcare organizations are reviewing their current policies and procedures. One area that may fly under the radar but is critical to HIPAA compliance is an more »
News 4 Tucson (KVOA.com) reports that at least eight patients in Tucson, Ariz. have had their medical data compromised after paper health records containing dates of birth, Social Security numbers and health insurance information were found in Tempe, Ariz. A more »
A healthcare chief information officer (CIO) saying that he expects to experience a health data breach is not only unusual, but may produce shock and awe in some parts of the healthcare industry. However, having this type of outlook, regardless more »
There has been a shift in thinking when it comes to IT consumerization for many healthcare IT professionals. They are actually moving away from the BYOD trend and changing their focus toward something more up to date. The end user more »
After learning of a former employee stealing patient identities, Community Health Med-check in Speedway, Ind. has notified about 180 patients that their data may have been compromised. WISH TV in Indiana reports that the employee (who no longer works at more »
Health IT security vendor news for the week of May 13-17 TigerText and AirWatch partner to offer healthcare mobile security solution: TigerText, the leader in secure, real-time messaging for health care and enterprise and AirWatch, the global leader and innovator more »
To help prepared HIPAA covered entities for the new omnibus rule coming into effect on Sept. 23, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has planned four free HIPAA omnibus webinars between June 14 more »
In a recent guest post on John Halamka’s blog, Fabienne Bourgeois, MD, of Children’s Hospital Boston analyzed some privacy concerns and roadblocks for adolescent personal health record (PHR) interactions while detailing Children’s approach to patient portals. The subject of patient privacy and more »
Following problems with patient privacy back in January at Louisiana State University LSU Health Sciences Center (LSUHSC) that involved exposed protected health information (PHI), LSUHSC-Shreveport Vice Chancellor Hugh Mighty said that patient privacy policies will be reviewed and revised by more »
While human error is unavoidable from time to time, what healthcare organizations do to minimize the impact of those mistakes with health data goes under the microscope when breaches occur. DENT Neurologic Institute of Amherst, NY recently experienced a data more »
Pitting public health and well-being against patient confidentiality is nothing new in the healthcare industry and won’t die down anytime soon, but the ongoing debate has been magnified of late in Boston. The Boston Public Health Commission recently received criticism more »
Pursuant to a law in North Carolina, the Identity Theft Protection Act of 2005, businesses or government agencies are required to report details about security breaches to the state’s Attorney General’s Office. Editors from HealthITSecurity.com have acquired a copy of the North more »
Mac McMillan, CEO of CynergisTek, Inc. CynergisTek is a healthcare information security services and consultant company that helps providers in areas such as risk assessment and security testing. McMillan is a HIMSS Fellow and current chair of the HIMSS Privacy more »
Effective in July, CVS drug stores will no longer use patient prescription drug records for the purpose of sending patient pharmaceutical-paid refill notices. The organization’s argument for doing so revolves around new HIPAA omnibus provisions that restrict how third-party organizations more »
A lot can be learned from the work done by how individual state health information exchanges (HIEs) deal with policy, contract and technical requirements and one specific area of interest is Health Information Service Provider (HISP)-to-HISP communication. In a recent more »
