Healthcare Information Security

Health IT Security and HIPAA News

Why Lacking Risk Assessments May Lead to OCR HIPAA Settlements


Healthcare organizations cannot afford to skip out on conducting regular risk assessments, according to several recent OCR HIPAA settlements. Failing to identify potential risks and vulnerabilities in ePHI security could lead to healthcare data...

Protecting Against Unauthorized Healthcare Data Access


No healthcare organization wants to receive notification that there has been unauthorized healthcare data access at the company. Not only could this potentially expose patient information, but it could result in potential fines for the organization...

Hospitals Gravely Concerned on Mobile Device Security


As more covered entities consider implementing BYOD policies, mobile device security policies need to be comprehensive and applicable to daily operations. All staff members should be able to integrate and use devices in a way without hindering...

Server Hacking Leads to Potential Orleans Medical Data Breach


Indiana-based Orleans Medical Clinic may have suffered a healthcare data breach after one of its computer servers was hacked. On approximately April 17, 2016, Orleans Medical “became aware of suspicious activity” on one of its computer...

Will Privileged User Abuse Affect Healthcare Data Security?


Employee access is a key aspect of healthcare data security, and healthcare organizations of all sizes need to ensure that their administrative safeguards account for the type of information employees view, use, or transfer. A recent Ponemon...

Why Latest OCR HIPAA Audits are About Compliance, Action


The Office for Civil Rights (OCR) announced the second round of its HIPAA audit program on July 11, 2016, sending out notification emails to 167 covered entities. The desk audits will review how healthcare organizations adhere to the HIPAA Privacy,...

Prevent Healthcare Phishing by Strengthening Employee Training


Cyber criminals view the healthcare industry as a prime target. Just this year, we have witnessed hospitals like Hollywood Presbyterian Medical Center, MedStar Health’s Union Memorial Hospital, in Baltimore, Maryland, and Methodist Hospital...

Why Healthcare Ransomware Attacks Can Be More Damaging


It should come as no surprise that one of the main reasons the healthcare industry is a prime target for ransomware attacks is because of the sensitive information - PHI and PII - it holds. However, a recent survey found that healthcare ransomware...

OCR Aims to Improve Smaller Data Breach Investigation Process


Starting in August 2016, the Office for Civil Rights (OCR) will start an initiative to better investigate smaller data breaches. The data breach investigation process will look further into the root causes of incidents affecting fewer than 500...

Data Security Vulnerabilities Found in CMS Wireless Networks


While the Centers for Medicare and Medicaid Services (CMS) has effective security controls in place to prevent cybersecurity attacks, some data security vulnerabilities were found in its wireless networks, according to a recent Office of Inspector...

The Role of Nurses in HIPAA Compliance, Healthcare Security


Nurses deal with private information all day every day, from nursing stations and offices to exam rooms to patient bedsides to operating rooms. However, due to their focus on a patient’s health and their constant contact with patient data,...

Healthcare Cybersecurity Efforts Improving, Still Need Work


Ransomware, advanced persistent threats (APTs), and phishing attacks are the top most feared threats in healthcare cybersecurity, according to a recent HIMSS survey. While the majority of organizations have made efforts to prioritize their information...

Possible PHI Security Breach in FL Respiratory Facility


Florida-based Rotech Healthcare Inc. reported that it may have experienced a PHI security breach after patient information was recovered by police from an unauthorized individual. The respiratory and sleep apnea facility said it received a police...

Practice Fusion Health Data Privacy Case Gets FTC Final Order


A Federal Trade Commission (FTC) final order was recently approved, finalizing the FTC complaint against health data privacy concerns with Practice Fusion. The cloud-based EHR company had agreed to a settlement with the FTC in June 2016, over...

What Lessons Can be learned from Recent Health Data Breaches?


Several recent large-scale health data breaches have affected over 5 million individuals, including patients, employees, and providers. With more covered entities implementing connected devices, BYOD strategies, and working toward interoperability,...

Unauthorized Access Affects 900K at Arizona Facility


Arizona-based Valley Anesthesiology and Pain Consultants (VAPC) reported that it discovered unauthorized access on one of its computer systems, which potentially caused the information exposure of 882,590 patients. VAPC learned about the potential...

Embracing Healthcare Cloud, Virtualization Security Services


Cybersecurity continues to be at the forefront of the digital revolution we’re all experiencing. This spans multiple verticals, many different types of organizations, and entirely new markets as well. Most of all, we see where security...

Utilizing Administrative Safeguards to Prevent Insider Threats


Preventing healthcare insider threats needs to be a top priority for covered entities of all sizes, and with cybersecurity threats evolving each day, training methods must also remain current. Administrative safeguards, including user training...

Potential Bon Secours Data Breach Affects 655K Patients


South Carolina-based Bon Secours Health System, Inc. announced last week that it experienced a potential healthcare data breach that may affect 665,000 patients. R-C Healthcare Management is a vendor that works with Bon Secours, and inadvertently...

5 Next-Generation Healthcare Security Solutions


The modern healthcare data center has truly evolved. We’re now seeing the emergence of a truly interconnected healthcare technology ecosystem spanning numerous heterogeneous IT platforms. Throughout all of this, security continues to play...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks