HIPAA, Patient Privacy, Healthcare Data Security BYOD

Health IT Security News

Breaking Down PHI Security Breaches and Their Impact

May 22, 2015 - With another large health data breach being announced this week, it is essential that covered entities of all sizes understand the intricacies of PHI security. However, there is an important distinction in types of data that healthcare organizations keep on hand. While individuals deserve to be notified if any of their personal information is potentially accessed by unauthorized  users,...


Articles

Coast Guard Needs Better PHI Security, Says OIG Report

The US Coast Guard (USCG) must do a better job in its PHI security measures, according to a recent report from the Office of the Inspector General (OIG). Specifically, USCG lacks a strong organizational approach to resolving privacy issues, the...

CareFirst Health Data Breach Affects 1.1M Individuals

CareFirst BlueCross BlueShield (CareFirst) joins the list of healthcare organizations affected by a large cybersecurity attack, as it announced yesterday that approximately 1.1 million current and former members potentially had their information...

Important Lessons for Health Data Privacy, Security in 2015

Health data privacy and security issues are not going to disappear anytime soon, and will likely continue to evolve along with technology. Covered entities need to keep their privacy and security measures current, especially as they integrate...

Medical Info. Included in Nevada Data Breach Notification Law

Nevada recently adjusted its definition of personal information in the state data breach notification law to also account for medical information. Governor Brian Sandoval signed AB 179 into law on May 13, 2015, and the legislation will go into...

Accidental and Unauthorized Emails Create PHI Security Issues

No covered entity wants to notify patients of a potential PHI security incident, yet even with the appropriate safeguards in place, problems could still occur. When this happens, it is important to properly notify potentially affected individuals...

Health Data Privacy Top Concern on ONC Roadmap Comments

The Office of the National Coordinator (ONC) for Health IT recently published public comments on its draft for nationwide interoperability, and health data privacy and security issues were a top issue for several organizations. Connecting Health...

Possible Health Data Breaches From Theft, Unauthorized Access

Even when covered entities implement sophisticated cybersecurity measures, health data breaches can still happen. It is important to not overlook seemingly simple security measures, such as installing proper locks on doors or even having an alarm...

Why PHI Security Cannot be Forgotten When Entities Move

PHI security is an essential aspect of healthcare data privacy for covered entities of all sizes. Each facility is different and will therefore benefit from different security measures. However, ensuring that PHI does not fall into the wrong...

What Happens When a Healthcare Cyber Policy is Broken?

It is not uncommon for healthcare organizations to create a healthcare cyber policy with an insurance company, detailing what will take place should a data breach happen. However, if such policies are not followed, a covered entity might not...

Malware, Billing Company Theft Equal Health Data Breaches

Health data breaches are not going to disappear anytime soon, which is why covered entities must ensure that their safeguards are current and comprehensive. Anything from malware to sophisticated cyber attacks to stolen laptops can lead to PHI...

Breaking Down the Evolution of Healthcare Phishing Scams

Healthcare phishing scams can lead to numerous issues for organizations, and can have long-lasting effects. Employees need to be trained properly on how to detect phishing scams, but healthcare organizations must also have the necessary technology...

Which States Have a Data Breach Notification Law?

Data breach notification is essential for organizations of all sizes, and those in the healthcare industry are no exception. In fact, the HIPAA  breach notification rule requires that covered entities and their business associates notify...

Judge Disagrees With Employee Firing Over HIPAA Violation

A Montana judge recently ruled that a healthcare employee’s HIPAA violation did not preclude her from protection under the National Labor Relations Act (NLRA). The employee had accessed personal information on coworkers for her union-organizing...

Can Healthcare Employees Properly Identify Phishing Emails?

Identifying phishing emails is essential for healthcare employees at all levels. All it takes is one malicious email to slip through and be mistaken for a genuine one for an organization to become potentially vulnerable to cyber threats. We’ve...

AHA Supports Health Data Sharing Bill, Urges Data Security

The American Hospital Association (AHA) said in a recent letter to US House Committee on Energy and Commerce Chairman Fred Upton that it supports the recently proposed health data sharing bill, 21st Century Cures. Not only would the bill eliminate...

ONC Privacy, Security Workgroup Expresses Stage 3 MU Concerns

There are several patient privacy and security concerns related to the proposed Meaningful Use Stage 3 rule, according to the Office of the National Coordinator (ONC) Health Information Technology (HIT) Privacy & Security Workgroup. Earlier...

Human Error Top Data Security Issue, Says Law Firm Report

It seems as if every week there is a new top data security issue for healthcare organizations to remain vigilant on. If nothing else, it further underlines why a well-rounded approach to data security is essential, and covered entities must ensure...

ISMA Data Breach Reportedly from IT Head’s Stolen Devices

The Indiana State Medical Association (ISMA) information technology administrator reportedly is the employee who had a laptop computer and two external hard drives stolen in February, potentially exposing the information of 39,000 patients and...

How Will New Research Bill Affect HIPAA Regulations?

A proposed health research bill could potentially affect the current HIPAA regulations, as it would allow covered entities or business associates to use or disclose PHI for research purposes without patient consent. Called 21st Century Cures,...

X

Sign up for our free HealthITSecurity.com newsletter and stay up to date with tips and advice on:

HIPAA
BYOD
Data Security
VDI
Cloud Security

Our privacy policy

no, thanks