Healthcare Information Security

Healthcare Data Breach

Healthcare Data Breaches Have Highest Cost, Says Ponemon

by Elizabeth Snell

Healthcare data breaches average the highest cost per stolen record, with organizations reaching as high as $363, according to Ponemon’s annual Cost of Data Breach Study: Global Analysis, sponsored by IBM. For the US specifically,...

Medical Management Data Breach Impacting Multiple States

by Elizabeth Snell

Last week, we reported on a healthcare data breach where a third party facility, Medical Management LLC, connected with the University of Pittsburgh Medical Center (UPMC) reported that approximately 2,200 UPMC patients may have had their records...

North Dakota Data Breach Notification Law Amended

by Elizabeth Snell

Data breach notification laws continue to be implemented and amended across the country, as North Dakota becomes the latest state to clarify its regulations on privacy and security. North Dakota Governor Jack Dalrymple recently signed SB 2214...

CareFirst Health Data Breach Affects 1.1M Individuals

by Elizabeth Snell

CareFirst BlueCross BlueShield (CareFirst) joins the list of healthcare organizations affected by a large cybersecurity attack, as it announced yesterday that approximately 1.1 million current and former members potentially had their information...

Medical Info. Included in Nevada Data Breach Notification Law

by Elizabeth Snell

Nevada recently adjusted its definition of personal information in the state data breach notification law to also account for medical information. Governor Brian Sandoval signed AB 179 into law on May 13, 2015, and the legislation will go into...

Accidental and Unauthorized Emails Create PHI Security Issues

by Elizabeth Snell

No covered entity wants to notify patients of a potential PHI security incident, yet even with the appropriate safeguards in place, problems could still occur. When this happens, it is important to properly notify potentially affected individuals...

Possible Health Data Breaches From Theft, Unauthorized Access

by Elizabeth Snell

Even when covered entities implement sophisticated cybersecurity measures, health data breaches can still happen. It is important to not overlook seemingly simple security measures, such as installing proper locks on doors or even having an alarm...

What Happens When a Healthcare Cyber Policy is Broken?

by Elizabeth Snell

It is not uncommon for healthcare organizations to create a healthcare cyber policy with an insurance company, detailing what will take place should a data breach happen. However, if such policies are not followed, a covered entity might not...

Malware, Billing Company Theft Equal Health Data Breaches

by Elizabeth Snell

Health data breaches are not going to disappear anytime soon, which is why covered entities must ensure that their safeguards are current and comprehensive. Anything from malware to sophisticated cyber attacks to stolen laptops can lead to PHI...

Human Error Top Data Security Issue, Says Law Firm Report

by Elizabeth Snell

It seems as if every week there is a new top data security issue for healthcare organizations to remain vigilant on. If nothing else, it further underlines why a well-rounded approach to data security is essential, and covered entities must ensure...

ISMA Data Breach Reportedly from IT Head’s Stolen Devices

by Elizabeth Snell

The Indiana State Medical Association (ISMA) information technology administrator reportedly is the employee who had a laptop computer and two external hard drives stolen in February, potentially exposing the information of 39,000 patients and...

Healthcare Data Breaches Stem From Break-in, Phishing, Fraud

by Elizabeth Snell

Preventing healthcare data breaches requires organizations to take numerous factors into account, and ensure that their administrative, physical, and technical safeguards are all working with one another. One lost document, one employee falling...

Two Cases of Improper Disposal Cause Health Data Breaches

by Elizabeth Snell

Health data breaches can be caused by numerous situations, and with the increase of electronic medical records and online issues, the proper care of paper documents can occasionally be overlooked. Regardless of how covered entities store and...

Ponemon Finds 125% Increase in Healthcare Cyber Attacks

by Elizabeth Snell

Healthcare cyber attacks continue to make headlines, but recent research shows that such criminal attacks are on the rise in the industry. Since 2010, there has been a 125 percent increase in criminal attacks in the healthcare industry, according...

Hacking Still Leading Cause of 2015 Health Data Breaches

by Elizabeth Snell

Health data breaches are clearly not going away anytime soon, as 2015 has proven itself to consist of some of the largest breaches and hacking incidents on record. The Anthem data breach and Premera Blue Cross breach are the largest data breaches...

Lost Flash Drive Potentially Exposes Patient Information

by Elizabeth Snell

A South Carolina news station reported yesterday that a lost flash drive containing “limited patient information” pushed a hospital to send out notification letters. Roper St. Francis Hospital will send letters to approximately 360...

Data Breach Response Best Practices Guide Released by DOJ

by Elizabeth Snell

The Department of Justice’s (DOJ) Cybersecurity Unit recently released a data breach response guide to help facilities better prepare for data security incidents before they occur, as well as what to do after the fact. While the guide was created...

Health Data Included in Ala. Data Breach Notification Bill

by Elizabeth Snell

A recently proposed data breach notification bill in Alabama could make it the 48th state to have such legislation in place. The bill was first introduced on March 3, 2015, and as of April 14, 2015, it is listed as being under “further...

New Data Breach Notification Bill Lets States Keep Own Laws

by Elizabeth Snell

Several Democratic senators have introduced a national data breach notification bill that will allow states to keep their own notification laws if they have more strict policies already in place. The Consumer Privacy Protection Act was introduced...

Phishing Attack Affects 3,300 Partners HealthCare Patients

by Elizabeth Snell

Yet another phishing attack was announced this week, potentially affecting 3,300 patients at Partners HealthCare System, Inc. According to a company statement, the Massachusetts-based facility learned on November 25, 2014 that employees had fallen...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks