Healthcare Information Security

Healthcare Data Breach

UPMC Health Data Breach Lawsuit Dismissed

by Elizabeth Snell

A Pennsylvania judge dismissed the health data breach lawsuit that had been filed against the University of Pittsburgh Medical Center (UPMC) last year. Former UPMC employees filed the lawsuit after a data breach compromised the information of...

Did Failed Administrative Safeguards Cause Two Data Breaches?

by Elizabeth Snell

This site constantly underlines the importance of healthcare organizations keeping all of their safeguards up to date, as anything from failed administrative safeguards to failed physical safeguards can create privacy and security issues. Without...

Health Data Breaches Expose Info. in NH, NJ and NY

by Elizabeth Snell

Three recent different health data breaches affected individuals in New Hampshire, New Jersey, and New York. While not connected, these incidents further underline the importance for comprehensive security measures. Anything from human error...

Healthcare Data Breaches Have Highest Cost, Says Ponemon

by Elizabeth Snell

Healthcare data breaches average the highest cost per stolen record, with organizations reaching as high as $363, according to Ponemon’s annual Cost of Data Breach Study: Global Analysis, sponsored by IBM. For the US specifically,...

Medical Management Data Breach Impacting Multiple States

by Elizabeth Snell

Last week, we reported on a healthcare data breach where a third party facility, Medical Management LLC, connected with the University of Pittsburgh Medical Center (UPMC) reported that approximately 2,200 UPMC patients may have had their records...

North Dakota Data Breach Notification Law Amended

by Elizabeth Snell

Data breach notification laws continue to be implemented and amended across the country, as North Dakota becomes the latest state to clarify its regulations on privacy and security. North Dakota Governor Jack Dalrymple recently signed SB 2214...

CareFirst Health Data Breach Affects 1.1M Individuals

by Elizabeth Snell

CareFirst BlueCross BlueShield (CareFirst) joins the list of healthcare organizations affected by a large cybersecurity attack, as it announced yesterday that approximately 1.1 million current and former members potentially had their information...

Medical Info. Included in Nevada Data Breach Notification Law

by Elizabeth Snell

Nevada recently adjusted its definition of personal information in the state data breach notification law to also account for medical information. Governor Brian Sandoval signed AB 179 into law on May 13, 2015, and the legislation will go into...

Accidental and Unauthorized Emails Create PHI Security Issues

by Elizabeth Snell

No covered entity wants to notify patients of a potential PHI security incident, yet even with the appropriate safeguards in place, problems could still occur. When this happens, it is important to properly notify potentially affected individuals...

Possible Health Data Breaches From Theft, Unauthorized Access

by Elizabeth Snell

Even when covered entities implement sophisticated cybersecurity measures, health data breaches can still happen. It is important to not overlook seemingly simple security measures, such as installing proper locks on doors or even having an alarm...

What Happens When a Healthcare Cyber Policy is Broken?

by Elizabeth Snell

It is not uncommon for healthcare organizations to create a healthcare cyber policy with an insurance company, detailing what will take place should a data breach happen. However, if such policies are not followed, a covered entity might not...

Malware, Billing Company Theft Equal Health Data Breaches

by Elizabeth Snell

Health data breaches are not going to disappear anytime soon, which is why covered entities must ensure that their safeguards are current and comprehensive. Anything from malware to sophisticated cyber attacks to stolen laptops can lead to PHI...

Human Error Top Data Security Issue, Says Law Firm Report

by Elizabeth Snell

It seems as if every week there is a new top data security issue for healthcare organizations to remain vigilant on. If nothing else, it further underlines why a well-rounded approach to data security is essential, and covered entities must ensure...

ISMA Data Breach Reportedly from IT Head’s Stolen Devices

by Elizabeth Snell

The Indiana State Medical Association (ISMA) information technology administrator reportedly is the employee who had a laptop computer and two external hard drives stolen in February, potentially exposing the information of 39,000 patients and...

Healthcare Data Breaches Stem From Break-in, Phishing, Fraud

by Elizabeth Snell

Preventing healthcare data breaches requires organizations to take numerous factors into account, and ensure that their administrative, physical, and technical safeguards are all working with one another. One lost document, one employee falling...

Two Cases of Improper Disposal Cause Health Data Breaches

by Elizabeth Snell

Health data breaches can be caused by numerous situations, and with the increase of electronic medical records and online issues, the proper care of paper documents can occasionally be overlooked. Regardless of how covered entities store and...

Ponemon Finds 125% Increase in Healthcare Cyber Attacks

by Elizabeth Snell

Healthcare cyber attacks continue to make headlines, but recent research shows that such criminal attacks are on the rise in the industry. Since 2010, there has been a 125 percent increase in criminal attacks in the healthcare industry, according...

Hacking Still Leading Cause of 2015 Health Data Breaches

by Elizabeth Snell

Health data breaches are clearly not going away anytime soon, as 2015 has proven itself to consist of some of the largest breaches and hacking incidents on record. The Anthem data breach and Premera Blue Cross breach are the largest data breaches...

Lost Flash Drive Potentially Exposes Patient Information

by Elizabeth Snell

A South Carolina news station reported yesterday that a lost flash drive containing “limited patient information” pushed a hospital to send out notification letters. Roper St. Francis Hospital will send letters to approximately 360...

Data Breach Response Best Practices Guide Released by DOJ

by Elizabeth Snell

The Department of Justice’s (DOJ) Cybersecurity Unit recently released a data breach response guide to help facilities better prepare for data security incidents before they occur, as well as what to do after the fact. While the guide was created...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks