HIPAA, Patient Privacy, Healthcare Data Security BYOD

Data Breaches News

Medical Info. Included in Nevada Data Breach Notification Law

May 20, 2015 - Nevada recently adjusted its definition of personal information in the state data breach notification law to also account for medical information. Governor Brian Sandoval signed AB 179 into law on May 13, 2015, and the legislation will go into effect on July 1, 2015. The bill also expanded the definition of personal information to account for other factors. "Existing law defines the types...


Articles

What Happens When a Healthcare Cyber Policy is Broken?

It is not uncommon for healthcare organizations to create a healthcare cyber policy with an insurance company, detailing what will take place should a data breach happen. However, if such policies are not followed, a covered entity might not...

Which States Have a Data Breach Notification Law?

Data breach notification is essential for organizations of all sizes, and those in the healthcare industry are no exception. In fact, the HIPAA  breach notification rule requires that covered entities and their business associates notify...

Human Error Top Data Security Issue, Says Law Firm Report

It seems as if every week there is a new top data security issue for healthcare organizations to remain vigilant on. If nothing else, it further underlines why a well-rounded approach to data security is essential, and covered entities must ensure...

ISMA Data Breach Reportedly from IT Head’s Stolen Devices

The Indiana State Medical Association (ISMA) information technology administrator reportedly is the employee who had a laptop computer and two external hard drives stolen in February, potentially exposing the information of 39,000 patients and...

Ponemon Finds 125% Increase in Healthcare Cyber Attacks

Healthcare cyber attacks continue to make headlines, but recent research shows that such criminal attacks are on the rise in the industry. Since 2010, there has been a 125 percent increase in criminal attacks in the healthcare industry, according...

Hacking Still Leading Cause of 2015 Health Data Breaches

Health data breaches are clearly not going away anytime soon, as 2015 has proven itself to consist of some of the largest breaches and hacking incidents on record. The Anthem data breach and Premera Blue Cross breach are the largest data breaches...

HRSA Data Security Controls Need Improvement, Says OIG

Data security controls at the Health Resources and Services Administration (HRSA) were not fully implemented and monitored, according to a recent report from the Office of the Inspector General (OIG). HRSA must improve its data security controls,...

Data Breach Response Best Practices Guide Released by DOJ

The Department of Justice’s (DOJ) Cybersecurity Unit recently released a data breach response guide to help facilities better prepare for data security incidents before they occur, as well as what to do after the fact. While the guide was created...

Health Data Included in Ala. Data Breach Notification Bill

A recently proposed data breach notification bill in Alabama could make it the 48th state to have such legislation in place. The bill was first introduced on March 3, 2015, and as of April 14, 2015, it is listed as being under “further consideration”...

New Data Breach Notification Bill Lets States Keep Own Laws

Several Democratic senators have introduced a national data breach notification bill that will allow states to keep their own notification laws if they have more strict policies already in place. The Consumer Privacy Protection Act was introduced...

Phishing Attack Affects 3,300 Partners HealthCare Patients

Yet another phishing attack was announced this week, potentially affecting 3,300 patients at Partners HealthCare System, Inc. According to a company statement, the Massachusetts-based facility learned on November 25, 2014 that employees had fallen...

Exposed Medical Records Potentially Puts Patients At Risk

Healthcare facilities must ensure they have the latest privacy and security measures in place to prevent exposed medical records and work toward keeping data breach risks to a minimum. Along with the latest technological safeguards, covered entities...

Phishing Scam, Stolen Laptop Lead to Potential Data Breaches

Healthcare data breaches can be caused from a variety of incidents, such as an email phishing scam, misplaced medical records, and lost or stolen mobile devices. Without a comprehensive security plan and extensive understanding of HIPAA regulations,...

Ill. Data Breach Law Passes Senate, Includes Medical Data

The Illinois Senate passed a data breach law that now includes medical and health insurance data in its definition of “personal information.” The Personal Information Act, or SB 1833, was previously in place, but the new version amends certain...

Is Healthcare Improving Data Breach Prevention Measures?

Healthcare data breach prevention measures are essential in today’s industry, especially as technology continues to evolve and more facilities begin to connect to other networks. Secure data sharing is more prevalent, and organizations need...

OCR HIPAA Settlement Costs Cornell $125K

The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) announced earlier this week that it hand handed a $125,000 HIPAA settlement fine to Cornell Prescription Pharmacy (Cornell). In addition to the fine, Cornell will...

Second Email Phishing Scam Hits Ascension Health Facility

Another email phishing scam was reported at an Ascension Health facility, but it has not yet been said whether the two incidents are related. Seton Family of Hospitals, a division of Seton Healthcare Family (“Seton”), announced on...

PHI Compromised in Email Phishing Scam

No healthcare organization, whether a provider or insurer, wants to have PHI compromised. However, even with the necessary security measures in place and thorough employee training programs, incidents can still occur. That is the case at an Indiana...

Anthem Data Breach Public Forums Cancelled at Ind. School

Following the Anthem data breach, company representatives were slated to speak at several public forums this week at Indiana-based Ball State University, where employees were reportedly victims of identity theft. However, Anthem representatives...

X

Sign up for our free HealthITSecurity.com newsletter and stay up to date with tips and advice on:

HIPAA
BYOD
Data Security
VDI
Cloud Security

Our privacy policy

no, thanks