Loading
ID Experts, an IT services vendor that offers customers assistance with security and compliance projects, released a list of 10 data breach vulnerabilities today. While the items mainly revolve around what the experts considered general security weaknesses, a few certainly more »
The Department of Health and Human Services (HHS) released a resolution agreement yesterday for Idaho State University’s (ISU) HIPAA violations that date back to Aug. 9, 2011. Because ISU’s Pocatello Family Medicine Clinic exposed 17,500 patients’ data by disabling a firewall more »
As more EHR vendors create web-based and mobile interfaces for their products, the mobile market is further fragmented with applications that often weren’t meant for mobile. In response, many healthcare organizations are shunning the concept of EHR vendor websites and more »
The State of California Office of Health Information Integrity (CalOHII) is taking a unique approach to educating covered healthcare organizations and providers in the state about matters of patient consent and authorization for health information exchange. Dubbed the HIE Consent more »
There is more patient data exposure news from Buffalo, NY, as following the recent health data breach at DENT Neurologic Institute, the Erie County Comptroller’s office (headed by Stefan I. Mychajliw) reported that paper health records with protected health information more »
As the Sept. 23, 2013 compliance date for the HIPAA omnibus rule creeps closer, many healthcare organizations are reviewing their current policies and procedures. One area that may fly under the radar but is critical to HIPAA compliance is an more »
News 4 Tucson (KVOA.com) reports that at least eight patients in Tucson, Ariz. have had their medical data compromised after paper health records containing dates of birth, Social Security numbers and health insurance information were found in Tempe, Ariz. A more »
A healthcare chief information officer (CIO) saying that he expects to experience a health data breach is not only unusual, but may produce shock and awe in some parts of the healthcare industry. However, having this type of outlook, regardless more »
There has been a shift in thinking when it comes to IT consumerization for many healthcare IT professionals. They are actually moving away from the BYOD trend and changing their focus toward something more up to date. The end user more »
After learning of a former employee stealing patient identities, Community Health Med-check in Speedway, Ind. has notified about 180 patients that their data may have been compromised. WISH TV in Indiana reports that the employee (who no longer works at more »
Health IT security vendor news for the week of May 13-17 TigerText and AirWatch partner to offer healthcare mobile security solution: TigerText, the leader in secure, real-time messaging for health care and enterprise and AirWatch, the global leader and innovator more »
To help prepared HIPAA covered entities for the new omnibus rule coming into effect on Sept. 23, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has planned four free HIPAA omnibus webinars between June 14 more »
In a recent guest post on John Halamka’s blog, Fabienne Bourgeois, MD, of Children’s Hospital Boston analyzed some privacy concerns and roadblocks for adolescent personal health record (PHR) interactions while detailing Children’s approach to patient portals. The subject of patient privacy and more »
Following problems with patient privacy back in January at Louisiana State University LSU Health Sciences Center (LSUHSC) that involved exposed protected health information (PHI), LSUHSC-Shreveport Vice Chancellor Hugh Mighty said that patient privacy policies will be reviewed and revised by more »
While human error is unavoidable from time to time, what healthcare organizations do to minimize the impact of those mistakes with health data goes under the microscope when breaches occur. DENT Neurologic Institute of Amherst, NY recently experienced a data more »
Pitting public health and well-being against patient confidentiality is nothing new in the healthcare industry and won’t die down anytime soon, but the ongoing debate has been magnified of late in Boston. The Boston Public Health Commission recently received criticism more »
Pursuant to a law in North Carolina, the Identity Theft Protection Act of 2005, businesses or government agencies are required to report details about security breaches to the state’s Attorney General’s Office. Editors from HealthITSecurity.com have acquired a copy of the North more »
Mac McMillan, CEO of CynergisTek, Inc. CynergisTek is a healthcare information security services and consultant company that helps providers in areas such as risk assessment and security testing. McMillan is a HIMSS Fellow and current chair of the HIMSS Privacy more »
Effective in July, CVS drug stores will no longer use patient prescription drug records for the purpose of sending patient pharmaceutical-paid refill notices. The organization’s argument for doing so revolves around new HIPAA omnibus provisions that restrict how third-party organizations more »
A lot can be learned from the work done by how individual state health information exchanges (HIEs) deal with policy, contract and technical requirements and one specific area of interest is Health Information Service Provider (HISP)-to-HISP communication. In a recent more »
The hacking of a Charlotte medical practice’s database may not have resulted in unauthorized access of patient health information but has led to financial and other personally identifiable information (PII) falling into criminal hands, according to the Charlotte Observer. Andrew more »
With literally thousands of staff members operating within your healthcare organization – all asking for more mobility options – how do you create an environment that will work for everyone? Furthermore, what process is involved in making this type of more »
There was yet another unencrypted laptop theft in April, as Indiana University Health Arnett, Inc. told 10,300 affected patients of the health data breach via letter on May 10. The laptop was in an employee’s car and may have contained patient more »
The sending of three emails including personally identifiable information of patients between October 2012 and February 2013 has led the Regional Medical Center in Memphis (the MED) to report a health data breach, according to a public notice issued by more »
BOSTON – While in the past their relationship bordered on resentful at times, healthcare clinicians and their IT staffs are more open to collaboration. This unison of different ideologies was spurred by the absolute need to improve patient care with more »
