Healthcare Information Security

Administrative Safeguards

Potential Medicaid Data Breach for 13K Louisiana Recipients

February 4, 2016 - The Louisiana Attorney General’s office recently announced that an individual was arrested on Medicaid fraud charges, stemming from stolen Louisiana Healthcare Connections (LHCC) information. LHCC explained in a statement on its website that an individual who worked at a doctor’s office used another individual’s information to get into LHCC’s provider website on March...


Articles

Evolution, Not Revolution Coming to Healthcare Data Security

by

When it comes to protecting sensitive information and maintaining strong healthcare data security, it is not a matter of revolutionary changes, but rather evolutionary change, according to Kate Borten, president and founder of The Marblehead...

How Administrative Safeguards Can Prevent Data Breaches

by

Preventing healthcare data breaches is a common goal for covered entities of all sizes. It can be easy to let the importance of administrative safeguards fall behind other areas, such as concerns over hacking and stolen devices, but organizations...

People Are Top Health Data Security Risk, Says Halamka

by

There are numerous health data security risks that organizations need to prepare for, but human error is the top way that covered entities remain vulnerable, according to Beth Israel Deaconess Medical Center (BIDMC) CIO John Halamka, MD, MS....

OIG Report to Congress Stresses Health Marketplace Security

by

The Office of the Inspector General (OIG) has released its Semiannual Report to Congress, identifying key areas in which several federal healthcare agencies can improve their security efforts. Specifically, OIG emphasized health marketplace security....

Two-Factor Authentication Use Increases, ONC Finds

by

Hospital health IT departments are gaining capabilities for two-factor authentication at an increasing rate, helping to improve healthcare data security. Two-factor authentication capabilities are important for increasing health data security,...

Why Healthcare Identity and Access Management is Essential

by

Employee training is a critical aspect to healthcare administrative safeguards, but it is also important that staff members are given the necessary tools to remain as efficient as possible. Healthcare identity and access management (IAM) is one...

Working to Prevent Healthcare Phishing Scams

by

Healthcare phishing scams are increasingly becoming data security issues for covered entities, and can cause organizations problems if an employee falls for one of the malicious emails. However, comprehensive and regular employee training can...

Why Healthcare Phishing Scams Are a Key Issue

by

Covered entities know that they need to have a comprehensive health data security plan to prevent data breaches. But healthcare phishing scams can easily be overlooked as a key issue, as organizations could simply assume that such an attack would...

NIST Releases Draft Guidance on Improving Data Security

by

The National Institute of Standards and Technology (NIST) recently published draft guidance on how organizations can improve their approach to data security. The guide discusses how using an attribute based access control (ABAC) system could...

Sutter Health Data Breach Affects 2,500 Patients

by

A former employee reportedly emailed patient information without authorization, leading to a Sutter Health data breach. Sutter Health explained in a statement on its website that 2,582 patients are potentially affected, and that with the exception...

HHS: Administrative Safeguards Keep Yammer Use Secure

by

The Department of Health and Human Services (HHS) reportedly will continue to use a social application that the Department of Veteran Affairs (VA) Office of Inspector General (OIG) found to have potential security vulnerabilities. With the right...

Health Data Breaches Stem From Hacking, Employee Theft

by

Health data breaches can be caused by various incidents, which is why covered entities and their business associates must have comprehensive safeguards in place. Two separate incidents at medical centers highlight the importance of this fact,...

Employee Negligence Top Health Data Breach Issue, Report Says

by

A large portion of health data breach incidents are tied to insider activity, employee negligence, and physical theft of devices, according to a recent SurfWatch report. The 2015 Mid-Year Cyber Risk Report found that personal information is increasingly...

Health Data Breaches From Theft, Improper Disposal

by

As often discussed on this site, health data breaches can stem from numerous areas. Covered entities and their business associates need to ensure they have a comprehensive data security plan, and are able to implement the necessary physical,...

A Review of Common HIPAA Administrative Safeguards

by

HIPAA administrative safeguards are a critical piece to the larger health data security puzzle that all covered entities must put together. The three types of safeguards are not only a federal requirement, but they all play an important role...

Mayo Clinic Says 601 Patient Records Inappropriately Accessed

by

The Mayo Clinic Health System in Red Wing, Minnesota reported that 601 patient records were inappropriately accessed by an employee. Mayo Clinic Public Affairs Manager Asia Zmuda confirmed in an email to HealthITSecurity.com that “an employee...

UPMC Reports Second Health Data Breach in Two Months

by

The University of Pittsburgh Medical Center (UPMC) Health Plan recently reported a health data breach affecting 722 patients. This is the second health data breach reported at a UPMC facility in just under two months. A data file with certain...

Orlando Health Data Breach Affects 3,200

by

An employee’s unauthorized access of 3,200 patient medical records has caused a potential health data breach at Orlando Health. During a routine patient record access audit on May 27, 2015, Orlando Health discovered that a certified nursing...

Why HIPAA Technical Safeguards Alone Are Not Enough

by

HIPAA technical safeguards are an important part of any covered entity or business associate’s data security plan. However, that security measure by itself is not enough to ensure that a health data breach will never occur, according to...

X

Sign up for our free HealthITSecurity.com newsletter and stay up to date with tips and advice on:

HIPAA
BYOD
Data Security
VDI
Cloud Security

Our privacy policy

no, thanks