Healthcare Information Security

Health IT Security and HIPAA News

UMass Agrees to $650K OCR HIPAA Settlement after Allegations


Following alleged HIPAA violations stemming from a malware infection that potentially exposed the ePHI of 1,670 individuals, the University of Massachusetts Amherst (UMass) agreed to an OCR HIPAA settlement. Along with adhering to a corrective...

House Subcommittee Talks Connected Device Cybersecurity Issues


While the connected devices industry is seeing intense growth with evolving technologies, it is also important to be aware of the current cybersecurity issues, according to a recent hearing held by the House Energy and Commerce Subcommittee....

Physical Therapy Facility Reports Data Security Incident


A physical therapy provider recently announced it experienced a possible data security incident that may have exposed certain personal information for some patients. Best Health Physical Therapy, LLC (Best Health) explained on its website that...

Half of Businesses Report Ransomware Attack in Past Year


An increase in IT security spending and adjusting security strategies to focus on mitigation are two of the most common responses businesses listed after becoming the victim of a ransomware attack in the last year, according to a recent survey....

Protect Healthcare Data with User Training, Secure Systems


As covered entities and business associates of all sizes work to protect healthcare data, there are numerous aspects to consider, especially as cybsecurity threats continue to evolve and become more sophisticated.  We often focus on major...

Secure Exchange of Electronic Data Top HHS Challenge


The Department of Health and Human Services (HHS) is currently facing 10 management and performance challenges, including health information technology and the meaningful and secure exchange and use of electronic information, according to the...

Potential Horizon BCBS Data Breach for 170K from Printing Error


Horizon Blue Cross Blue Shield of New Jersey (Horizon BCBSNJ) announced earlier this month that one of its vendors potentially exposed the information of up to 170,000 members in a potential data breach. Command Marketing Innovations (CMI) did...

Encryption Aspect Amended in CA Data Breach Notification Law


Starting in 2017, data breach notification will be required for instances when encrypted personal information of California residents has been breached and certain conditions are met, according to a recently amended state law. Previously, California’s...

Unauthorized Access, Malware Top Cloud Security Worries


While moving certain IT operations to the cloud can provide numerous benefits for organizations across industries, potential cloud security issues are still a top concern for the majority of IT workers, according to a recent Netwrix Corporation...

OIG to Focus on HHS Information Security, Penetration Testing


The Office of Inspector General (OIG) plans to audit the Department of Health and Human Services (HHS) information security controls to track drug prescription reimbursements, according to the 2017 OIG work plan. HHS will also be subject to penetration...

How HIPAA Rules Can Aid Evolving Technology, Not Hinder It


Communication technology is quickly evolving, and many healthcare providers are trying to keep pace. They could be looking to implement secure texting options or even consider communicating with patients through social media, but HIPAA rules...

Mobile App Security Top Concern for Health IT Decision Makers


More healthcare providers are looking for ways to implement the latest mobile technologies, but mobile app security concerns and a failure to properly budget for IT changes could potentially put a damper on mHealth growth, according to a recent...

NH-ISAC, MDISS Collaborate for Medical Device Cybersecurity


Three national organizations recently signed a Memorandum of Understanding (MOU) in an effort to improve medical device cybersecurity measures. The National Health Information Sharing and Analysis Center (NH-ISAC), the Medical Device Innovation,...

NIST Aims to Help Small Business Cybersecurity Measures Improve


While some small businesses may assume that they are not primary targets for cyber criminals, the National Institute of Standards and Technology (NIST) wants to ensure that those organizations are able to implement the necessary cybersecurity...

NY Can Still Improve Health Exchange Data Security Measures


The Office of Inspector General (OIG) determined in a recent investigation that New York did  implement health insurance exchange data security measures in its web site and database, but improvements must still be made to ensure that PII...

Healthcare Ransomware: To Pay or Not to Pay?


An increasingly popular area of concern for healthcare organizations is whether or not they should give into potential healthcare ransomware demands. Should a hospital pay thousands of dollars to regain access to data, or should it just move...

Stolen Laptop Leads to Possible Health Data Breach in CO


MGA Home Healthcare Colorado, Inc. is notifying 3,119 patients and some employees that their information may have been compromised after a laptop was stolen from an employee’s locked vehicle. The incident reportedly took place sometime...

OCR HIPAA Settlements Total $13.5M, Affect Entities and BAs


The Office for Civil Rights (OCR) has shown with several of its recent HIPAA settlements that both covered entities and business associates are liable for potential HIPAA violations. OCR has said that as healthcare technology continues to evolve...

Education, Planning Critical in Ransomware Preparation


Healthcare ransomware has quickly become one of the top cybersecurity concerns for both covered entities and business associates. Without proper training and a thorough backup plan, organizations could find themselves in trouble should an attack...

Are Stolen Medical Records Still Worth More Than Financial Data?


Healthcare data breaches can be harmful to not only the organizations that experience an incident, but also to patients who may have had their information inappropriately accessed. However, a recent report shows that stolen medical records are...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks