Healthcare Information Security

HIPAA Administrative Safeguards

Redspin service combines HIPAA and PCI DSS analyses

by Nicole Freeman

Redspin, Inc., an IT security assessments and testing provider, has announced a new service that combines HIPAA Security Risk and PCI DSS 3.0 Gap Analyses. Reports are created through single-process analysis of data collection and policy review,...

Southwest General notifies 480 patients of data breach

by Nicole Freeman

Southwest General Health Center of Ohio is notifying more than 480 patients involved in an obstetrics study of a missing binder containing patient information, according to reports from Fox 8 Cleveland and Cleveland.com. The binder has been missing...

N.C. DHHS secretary apologizes for Medicaid data breach

by Patrick Ouellette

North Carolina Department of Health and Human Services (DHHS) secretary Aldona Wos apologized on Tuesday at a legislative committee meeting in response to last month’s Medicaid card breach that affected 48,752 patients. While apologetic,...

Phoebe Putney Memorial notifies 6,777 patients of breach

by Nicole Freeman

The Phoebe Putney Memorial Hospital (PPMH) in Albany, Georgia is notifying 6,777 patients of a potential data breach after an unencrypted desktop computer was found missing on November 6, according to reports from WALB.com, WTVM.com and The Florida...

HIE privacy, security best practices: A review

by Nicole Freeman

Health information exchanges (HIEs) continue to play an important role in healthcare, allowing the quick, easy exchange of patient information between physicians, providers, hospitals, pharmacies, payers, and other healthcare professionals while...

Notices of stolen S.C. insurance data sent 2 months after theft

by Nicole Freeman

A South Carolina state-mandated health insurance program notified customers of a laptop theft two months after the theft was reported, according to GoUpstate.com. The laptop contained information from 3,432 customers who had used the program...

Kentucky auditor makes case for data breach notification law

by Patrick Ouellette

Most healthcare organizations are aware of breach notification requirements on a federal level, but most states have rules and regulations for notifying patients of a data breach. However, Kentucky is not one of those states and its auditor recently...

Laptop stolen from N.M. Oncology and Hematology Consultants

by Nicole Freeman

A laptop was stolen from an employee office at New Mexico Oncology and Hematology Consultants, Ltd. (NMOHC), according to a statement on their website. The theft was discovered on November 13, 2013, and was reported to the police. The laptop...

Update: Nearly 49,000 Medicaid cards incorrectly mailed

by Nicole Freeman

Health officials in North Carolina announced a Medicaid mix-up involving more than 48,000 children, according to a public release from the state’s Department of Health and Human Services (DHHS). The cards were issued to patients being switched...

Omnicell data breach suit dismissal: Healthcare ramifications

by Patrick Ouellette

A lawsuit against Omnicell stemming from a 2012 health data breach was recently dismissed, in part, because the plaintiff failed to prove damages related to the breach. The interesting part of the dismissal, however, was that there were four...

Misprinted bills expose Penn patient information

by Nicole Freeman

University of Pennsylvania Health System (Penn) patients received bills containing both their information and that of other patients, according to a report from Philly.com. RevSpring, a Michigan-based billing vendor used by Penn, believes the...

Former resident physician drops case against Iowa hospital

by Nicole Freeman

Former resident physician Dr. Julie C. Howard has dismissed her lawsuit against Mercy Medical Center-North Iowa, according to the Globe Gazette. Howard had filed the suit, accusing Mercy of breach of contract, in June of 2011 in Cerro Gordo County...

Patients file class suit v. Kaiser for data breach damages

by Patrick Ouellette

Considering nearly 49,000 Kaiser Foundation Hospital Orange County - Anaheim Medical Center patients were affected by Kaiser’s September 25 data breach, it’s not all that surprising that a class-action lawsuit has been filed under...

Barnabas Health sends patient data breach notifications

by Patrick Ouellette

Barnabas Health of New Jersey has sent notification letters to 1,100 pediatric specialty center patients explaining that their data may have been compromised as a result of an unencrypted laptop being stolen on Sept. 24, 2013. In a sample notice...

Barry University notifies patients of May data breach

by Nicole Freeman

Barry University Foot and Ankle Institute patients are being notified of data breach after a school laptop was infected with malware in May, according to the Miami Herald. The university hired a computer forensic company to remove the malware...

Colorado Medicaid notifies 1,918 patients of data breach

by Nicole Freeman

Information from 1,918 Colorado Medicaid patients was breached after a temporary employee from outside contractor Colorado Community Health Alliance (CCHA) sent the information to his or her own personal email address, according to reports from...

Update: Dermatology practice pays HHS $150,000 in HIPAA fines

by Nicole Freeman

The Department of Health and Human Services (HHS) announced in a press release yesterday that Adult & Pediatric Dermatology, P.C. (APDerm) of Concord, Mass., will pay $150,000 in fines stemming from a 2011 data breach. On Sept. 14, 2011,...

Laptop stolen from Inspira Medical Center Vineland

by Nicole Freeman

A laptop containing patient information was stolen from the radiology department at Inspira Medical Center Vineland in New Jersey, according to reports on TheDailyJournal.com and NJ.com. The computer was reported missing from an unsecured filing...

Wash. Memorial VA endures 1,519-patient health data breach

by Patrick Ouellette

The Jonathan M. Wainwright Memorial VA Medical Center (VAWW) of Walla Walla, Washington mistakenly sent 1,519 patients’ data to an external education partner on November 1, according to PHIPrivacy.net. While the exact types of exposed...

Tennova Cardiology subcontractor breach affects 2,777 patients

by Patrick Ouellette

Tennova Cardiology of East Tennessee has informed 2,777 patients via notification letter that their data was compromised following the theft of an unnamed third-party transcription contractor’s unencrypted laptop from their car on October...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks