Healthcare Information Security

Health IT Security and HIPAA News

50% of Industry Incidents from Healthcare Ransomware Attacks

by

Half of the reported healthcare data security incidents from October 2015 to September 2016 stemmed from healthcare ransomware attacks, according to a recent NTT Security report. The NTT Security 2017 Global Threat Intelligence Report found that...

Stolen, Unencrypted Drive Causes Data Security Concern for 15K

by

Western Health Screening (WHS) recently issued a letter notifying individuals of a possible data security breach in which a WHS-owned vehicle containing an unencrypted jump drive was stolen. The jump drive contained the personal information of...

Healthcare Data Security Incidents Second Highest in 2016

by

Healthcare continues to lag behind other regulated industries with security measures, according to recent research, with healthcare data security incidents ranking second for the services industry in 2016. Symantec’s 2017 Internet Security...

Lack of Business Associate Agreement Equals $31K Settlement

by

The Center for Children’s Digestive Health (CCDH) recently settled potential HIPAA violations by not having a business associate agreement in place, and paid OCR $31,000. The Illinois-based healthcare provider underwent an OCR compliance...

MDLive Lawsuit Claims Patient Data Privacy Violations

by

Allegations were recently filed against a telehealth provider, claiming that the company committed patient privacy violations and disclosed customer information to a third-party organization. MDLive, Inc. is facing a class-action lawsuit filed...

Mobile Security at Center of $2.5M OCR HIPAA Settlement

by

The latest OCR HIPAA settlement was the first of its kind for a wireless health services provider, following allegations of ePHI disclosure due to a stolen laptop. Pennsylvania-based CardioNet provides remote mobile monitoring of and rapid response...

2017 OCR HIPAA Settlements Focus on Risk Analyses, Safeguards

by

Maintaining PHI security must remain a top priority for covered entities and business associates year-round. Lackluster safeguards and irregular risk analyses can lead to potential data security issues, and even an OCR HIPAA settlement. With...

Judge Says HIPAA Regulations Do Not Apply in Organ Donor Case

by

Patient records from the New York Organ Donor Network are not liable to HIPAA regulations, according to a recent New York Supreme Court ruling. A former network official claimed that four patients had not yet been declared legally dead before...

Kentucky Health Center Ensures PHI Security After Email Gaffe

by

On February 3, 2017, Women’s Care of Somerset (WCS) employees erroneously disclosed the email addresses of all recipients of an informative email regarding health-related services to the other recipients. According to a written press release,...

Va. Data Breach Legislation Update Accounts for Payroll Data

by

Virginia recently updated its data breach legislation to require notification should payroll data become compromised. The amended statute applies to employers or payroll service providers who experience unauthorized access and acquisition of...

Prioritizing Healthcare Data Security in Aggregation, Sharing

by

Data aggregation is quickly becoming a larger issue in healthcare, especially as organizations begin to switch over from fee-for-service models to value-based healthcare. As entities continue to gather, store, and transfer sensitive information,...

Employee Healthcare Data Security Awareness Top Industry Threat

by

Approximately 80 percent of surveyed health IT executives and professionals report that employee security awareness is their greatest concern regarding healthcare data security. The 2017 Level 3 Healthcare Security Study was conducted...

HHS OIG Phone Scam Raises Patient Data Privacy Concerns

by

The HHS Office of Inspector General (OIG) hotline number for reporting fraud was recently spoofed, according to an HHS statement. Individuals reported receiving phone calls claiming to be from HHS OIG, requesting that they confirm personal information...

HIMSS Urges Holistic Approach in NIST Cybersecurity Framework

by

Having a holistic approach to healthcare cybersecurity is essential in the industry, but there is a lack of alignment between the people, processes, and technology, according to HIMSS. That lack of alignment often creates difficulty for healthcare...

FDA Has Medical Device Cybersecurity Concerns in Abbott Labs

by

The FDA recently sent a warning letter to Abbott Labs, explaining that there were potential medical device cybersecurity issues with some of Abbott’s devices that were acquired with Abbott’s purchase of St. Jude Medical earlier this...

Mobile Security Strategies for Common Provider Concerns

by

As covered entities and business associates continue to adopt mobile security strategies, it can be increasingly difficult to find tools that are innovative but do not compromise security. Mobile app privacy and security worries and maintaining...

Health Center Agrees to $400K OCR HIPAA Settlement

by

Failing to conduct a risk analysis and not implementing a corresponding risk management plan to address found risks and vulnerabilities were part of the reasoning behind the latest OCR HIPAA settlement. Metro Community Provider Network (MCPN)...

NY Computer Virus Raises Healthcare Data Security Concerns

by

Erie County Medical Center (ECMC) has been battling a computer virus that was discovered on its computer system early Sunday morning, causing concern over the organization’s healthcare data security. The hospital has voluntarily shut down...

Do Healthcare Data Breach Lawsuits Have Reasonable Standards?

by

Being able to prove fault in a healthcare data breach class action lawsuit is inherently difficult, but it is also important to understand the privacy expectations, according to a recent Corporate Clients Insight blog post. Data breach cases...

Cybersecurity Attacks Hit 87% of Organizations in 2016

by

A majority of organizations reported that they were affected by a cybersecurity attack last year, with one in three saying that they had been hacked more than five times in the past 12 months, according to a recent Bitglass report. In response,...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks