EHR, Meaningful use, ICD-10, Electronic Health Records

Data Breaches News

Federal Agencies Need Better Cybersecurity Measures, Says GAO

June 25, 2015 - Improving cybersecurity measures is just one of several areas that federal agencies need to work on in light of recent data breaches, according to a recent report from the Government Accountability Office (GAO). Other areas that federal agencies need to improve upon include enhancing oversight of contractors providing IT services, improving security incident response activities and responding...


Articles

VA Sees 51% Decrease in PHI Incidents for May

After a less than ideal April in terms of PHI incidents, the Department of Veterans Affairs (VA) reported that it had a 51 percent decrease in that type of data breach in May. The VA’s May report sent to Congress showed that PHI incidents...

WEDI Healthcare Cybersecurity Primer Calls For Culture Change

The Workgroup for Electronic Data Interchange (WEDI) released a healthcare cybersecurity primer designed to help healthcare organizations better defend themselves against cyber attacks. The Perspectives on Cybersecurity in Healthcare report highlights...

Conn. Data Breach Security Bill Moves Forward

Connecticut Governor Dannel Malloy is expected to sign a data breach security bill into law that would grant greater protections to consumers. Senate Bill 949, An Act Improving Data Security and Agency Effectiveness, was unanimously passed by...

UPMC Health Data Breach Lawsuit Dismissed

A Pennsylvania judge dismissed the health data breach lawsuit that had been filed against the University of Pittsburgh Medical Center (UPMC) last year. Former UPMC employees filed the lawsuit after a data breach compromised the information of...

Healthcare Data Breaches Have Highest Cost, Says Ponemon

Healthcare data breaches average the highest cost per stolen record, with organizations reaching as high as $363, according to Ponemon’s annual Cost of Data Breach Study: Global Analysis, sponsored by IBM. For the US specifically,...

Medical Management Data Breach Impacting Multiple States

Last week, we reported on a healthcare data breach where a third party facility, Medical Management LLC, connected with the University of Pittsburgh Medical Center (UPMC) reported that approximately 2,200 UPMC patients may have had their records...

North Dakota Data Breach Notification Law Amended

Data breach notification laws continue to be implemented and amended across the country, as North Dakota becomes the latest state to clarify its regulations on privacy and security. North Dakota Governor Jack Dalrymple recently signed SB 2214...

Medical Info. Included in Nevada Data Breach Notification Law

Nevada recently adjusted its definition of personal information in the state data breach notification law to also account for medical information. Governor Brian Sandoval signed AB 179 into law on May 13, 2015, and the legislation will go into...

What Happens When a Healthcare Cyber Policy is Broken?

It is not uncommon for healthcare organizations to create a healthcare cyber policy with an insurance company, detailing what will take place should a data breach happen. However, if such policies are not followed, a covered entity might not...

Which States Have a Data Breach Notification Law?

Data breach notification is essential for organizations of all sizes, and those in the healthcare industry are no exception. In fact, the HIPAA  breach notification rule requires that covered entities and their business associates notify...

Human Error Top Data Security Issue, Says Law Firm Report

It seems as if every week there is a new top data security issue for healthcare organizations to remain vigilant on. If nothing else, it further underlines why a well-rounded approach to data security is essential, and covered entities must ensure...

ISMA Data Breach Reportedly from IT Head’s Stolen Devices

The Indiana State Medical Association (ISMA) information technology administrator reportedly is the employee who had a laptop computer and two external hard drives stolen in February, potentially exposing the information of 39,000 patients and...

Ponemon Finds 125% Increase in Healthcare Cyber Attacks

Healthcare cyber attacks continue to make headlines, but recent research shows that such criminal attacks are on the rise in the industry. Since 2010, there has been a 125 percent increase in criminal attacks in the healthcare industry, according...

Hacking Still Leading Cause of 2015 Health Data Breaches

Health data breaches are clearly not going away anytime soon, as 2015 has proven itself to consist of some of the largest breaches and hacking incidents on record. The Anthem data breach and Premera Blue Cross breach are the largest data breaches...

HRSA Data Security Controls Need Improvement, Says OIG

Data security controls at the Health Resources and Services Administration (HRSA) were not fully implemented and monitored, according to a recent report from the Office of the Inspector General (OIG). HRSA must improve its data security controls,...

Data Breach Response Best Practices Guide Released by DOJ

The Department of Justice’s (DOJ) Cybersecurity Unit recently released a data breach response guide to help facilities better prepare for data security incidents before they occur, as well as what to do after the fact. While the guide was created...

Health Data Included in Ala. Data Breach Notification Bill

A recently proposed data breach notification bill in Alabama could make it the 48th state to have such legislation in place. The bill was first introduced on March 3, 2015, and as of April 14, 2015, it is listed as being under “further consideration”...

New Data Breach Notification Bill Lets States Keep Own Laws

Several Democratic senators have introduced a national data breach notification bill that will allow states to keep their own notification laws if they have more strict policies already in place. The Consumer Privacy Protection Act was introduced...

Phishing Attack Affects 3,300 Partners HealthCare Patients

Yet another phishing attack was announced this week, potentially affecting 3,300 patients at Partners HealthCare System, Inc. According to a company statement, the Massachusetts-based facility learned on November 25, 2014 that employees had fallen...