Healthcare Information Security

Health IT Security and HIPAA News

3 Tools to Help Prevent Healthcare Ransomware Attacks

by

Healthcare ransomware attacks are one of the current top concerns for many covered entities, but this type of cybersecurity infiltration is not a new issue. However, it is hitting the healthcare industry more often as more organizations begin...

Understanding the Gray Areas in HIPAA Compliance

by

Several weeks have passed since the HHS Office for Civil Rights (OCR) announced the launch of phase two of its HIPAA audit program. No surprises, then, that HIPAA compliance is a topic that’s receiving a lot of attention right now....

Joint Commission Lifts Ban on Clinician Secure Texting

by

The Joint Commission announced in its May 2016 Perspectives newsletter. that it has ended its ban on clinician secure texting and secure messaging options. While healthcare organizations may allow orders to be sent via text messaging, the commission...

Phishing Scam Leads to Potential Healthcare Data Breach in WY

by

Wyoming Medical Center has reported on their website a potential healthcare data breach due to a phishing scam. Approximately 3,184 individuals were notified by the medical center that their PHI may have been accessed by an unauthorized user....

Human Error Leading Cause of Healthcare Data Breaches in 2015

by

Healthcare data breaches in 2015 were more likely to be caused by human error in the form of stolen or lost assets, insider and privilege misuse, and miscellaneous errors, such as improper device disposal or mishandling PHI, reported Verizon...

Healthcare Cybersecurity Bill Introduced for HHS Operations

by

Bipartisan legislation was recently introduced by members of Congress to improve healthcare cybersecurity, specifically the measures within the Department of Health and Human Services (HHS). House Energy and Commerce Committee members Rep. Billy...

Reviewing the HIPAA Risk Assessment Process

by

While the Office for Civil Rights (OCR) announced that phase two of its HIPAA audit program is underway, covered entities of all sizes and their business associates should already understand the basics of a HIPAA risk assessment. Being able to...

Will Healthcare Data Encryption be Impacted by NIST Guide?

by

Healthcare providers and other covered entities under HIPAA regulations may have a new resource on healthcare data encryption standards from the National Institute of Standards and Technology (NIST). NIST released the final draft of “NIST...

Using Risk Assessments, Management for OCR HIPAA Audits

by

There has been much discussion over the second round of OCR HIPAA audits, with covered entities of all sizes wanting to know how they can best prepare for a potential investigation. Having an updated and thorough risk management process will...

Report Shows Medicare Healthcare Data Security Gaps

by

In its annual review of health IT security programs for Medicare administrative contractors (MACs), the Office of Inspector General revealed that MACs experienced many challenges with developing and implementing comprehensive healthcare data...

CHIME, AEHIS Urge Stronger Medical Device Cybersecurity

by

More collaboration between healthcare organizations and medical device manufacturers, as well as standardized security measures are crucial to improving medical device cybersecurity, reported the College of Healthcare Information Management Executives...

Calif. Senate Committee Passess Ransomware Legislation

by

The California Senate Public Safety Committee passed ransomware legislation earlier this month that outlaws the online act and specifies how the crime should be prosecuted. Written by Senator Robert Hertzberg and co-sponsored by Los Angeles County...

Top Tips for OCR HIPAA Audit Preparation

by

With the most recent round of OCR HIPAA audits announced just last month, many healthcare organizations are working to ensure that they are prepared should they be called for investigation. While the announcement should not come as a total surprise,...

OCR HIPAA Settlement Costs New York Hospital $2.2M

by

A recent Office of Civil Rights (OCR) HIPAA settlement agreement states a New York-based hospital must pay $2.2 million after it allowed unauthorized filming of patients, according a Department of Health and Human Services (HHS) press release....

What is the Real Cost of a Healthcare Data Breach?

by

The recent spate of ransomware attacks against hospitals have set a new precedent in healthcare cyber threats – literally holding data and operations ransom until paid.   While a ransom of $17,000 in the hard-to-track bitcoin...

Potential Healthcare Data Breach Affects Over 19K Patients

by

The Pain Treatment Centers of America (PTCOA) and Interventional Surgery Institute (ISI), a healthcare network in Arkansas, has reported a potential PHI data breach after a vendor notified them of a hacking incident. According to OCR’s...

Understanding, Preparing for Healthcare Ransomware Attacks

by

It seems that a new healthcare ransomware attack is announced every week, which has created concern in the industry. However, several experts agree that this is not a new threat, and that healthcare is just the latest victim. Covered entities...

Orthopedic Provider Agrees to $750,000 OCR HIPAA Settlement

by

The Raleigh Orthopaedic Clinic, P.A. of North Carolina has agreed to pay approximately $750,000 in OCR HIPAA settlement fines after an alleged healthcare data breach in 2013 involving a business associate, reported the Department of Health and...

End-Point Devices Pose Challenges to Healthcare Cybersecurity

by

With malware attacks, such as ransomware, becoming more common, healthcare organizations may need to reevaluate their healthcare cybersecurity framework when it comes to end-point devices, such as laptops, smartphones, tablets, and other networked...

VA Reports 41% Decrease in PHI Data Breaches in March

by

In its March report to Congress, the Department of Veteran’s Affairs (VA) has witnessed a 41 percent decrease in the total number of veterans affected by a potential PHI data breach since February. The report revealed that there were 417...