EHR, Meaningful use, ICD-10, Electronic Health Records

Access Controls

Unauthorized PHI Access at Ohio Hospital Affects 300 Patients

July 13, 2015 - An Ohio hospital is working to notify nearly 300 patients after unauthorized PHI access took place, potentially compromising their personal information. A University Hospitals Elyria Medical Center employee allegedly accessed “certain patient data” in its EMR, hospital spokesperson Alicia Reale confirmed in an email sent to HealthITSecurity.com. Reale sent a UH Elyria Medical Center...


Articles

Routine Audit Reveals PHI Data Breach for Md. Medical Center

A Maryland medical center conducted a routine audit and discovered that a PHI data breach had taken place, affecting approximately 1,000 patients. Meritus Health was running “routine compliance and self-audit efforts” on May 4, 2015,...

Tennessee subcontractor tells 60,000 employees of PHI breach

Onsite Health Diagnostics (OHD), a Tennessee government subcontractor, recently released a notice to local government employees explaining how their data may have been compromised when an unknown party inappropriately accessed OHD’s online...

2014 Annual Cisco Security Report analyzes latest threats

Cisco used its 2014 Annual Security Report to offer its perspective and findings on the various threats organizations need to be aware of, including distributed denial-of-service (DDoS) attacks. The report concentrates on trust, threat intelligence,...

Healthcare access badges: Physical, logical access links

Healthcare organizations using access badges to secure physical access to (all or part of) their premises increasingly ask for the ability to use the same badges for access to their network and applications. Usually, it’s the IT department...

Managing, provisioning internal healthcare applications

Properly managing a variety of applications across a large healthcare organization while staying HIPAA compliant can be done in a number of different ways, but each IT decision sends ripples through the organization. With the end goal of keeping...

NRAD Medical Associates notifies 97,000 patients of breach

NRAD Medical Associates of Garden City, New York has informed 97,000 patients that an internal employee inappropriately accessed protected health information (PHI) and patient billing data back in April 2014. According to newyork.cbslocal.com,...

Montana DPHHS HIPAA breach affects 1.3 million patients

The Montana Department of Public Health and Human Services (DPHHS) has reported more details on one of the largest HIPAA breaches in terms of number of affected patients, as up to 1.3 million records were compromised. The server hack was first...

IT security survey finds data location, monitoring concerns

A recent Ponemon Institute study, State of Data Centric Security, gauged how 1,587 Global IT and IT security practitioners across 16 countries view today’s threat landscape and what their biggest concerns are. While the findings mainly...

Organizing, automating access for internal healthcare audits

Last week, we discussed some best practices in granting healthcare user access rights. The next step in the process is to perform an initial audit. Most new healthcare employees are being given correct access rights, but what about employees...

Granting healthcare user access rights: Audit considerations

In today’s electronic world, access to critical data is paramount criteria for success. Doctors and nurses need access to patient’s records to ensure proper delivery of care. Too many restrictions or complicated access methodologies to internal...

How does the rising demand for CISSPs affect healthcare?

In a world plagued by data breaches, more and more organizations and companies are seeking cybersecurity experts to add to their teams in hopes of avoiding an incident of their own. While an ounce of prevention may be worth a pound of cure, the...

OIG finds data security vulnerabilities in Medicaid systems

The Office of the Inspector General (OIG) recently released a report evaluating whether state agencies are able to adequately safeguard sensitive Medicaid systems and data. During reviews of information technology general controls at state Medicaid...

X

Sign up for our free HealthITSecurity.com newsletter and stay up to date with tips and advice on:

HIPAA
BYOD
Data Security
VDI
Cloud Security

Our privacy policy

no, thanks