Healthcare Information Security

HIPAA

Hurley Medical Center notifies employees of data breach

by Patrick Ouellette

Hurley Medical Center is in the process of dealing with an employee data breach that was a result of an error made while the organization was working to resolve payment errors with its health plan. According to mlive.com, an email attachment...

FTC to define data security principles in LabMD case

by Patrick Ouellette

For good reason, healthcare organizations are weary of potential fines and audits coming from the Department of Health and Human Services (HHS) and Office for Civil Rights. But the ongoing Federal Trade Commission (FTC) v. LabMD lawsuit may have...

UC Irvine alerts patients of keylogging malware incident

by Patrick Ouellette

University of California Irvine (UCI) announced last week that 1,813 students and some non-students were impacted by a data breach involving keylogging software malware. The UCI IT Security office learned that the breach had affected three UCI...

HIPAA compliant ways to secure a provider’s private cloud

by Patrick Ouellette

Many healthcare organizations have realized that using cloud computing doesn’t need to be an all-in strategy that requires a complete overall of their infrastructure. Instead, many have taken advantage of virtual machine (VM) deployment...

Boulder Community Health reviews paper PHI record exposure

by Patrick Ouellette

After a reported HIPAA violation, Boulder Community Health (BCH) of Colorado is in the process of investigating its third patient data breach since 2008, according to The Daily Camera. The context of the breach is a bit bizarre in that, unknown...

Secure healthcare communication in a mobile environment

by Andy Nieto

Mobile technology has undoubtedly advanced, as today’s smartphone possesses more computing power than NASA did when we first put man on the moon. Power without purpose, however, is chaos and privacy and security are not ancillary considerations...

Varying opinions on HHS Security Risk Assessment Tool

by Patrick Ouellette

The Department of Health and Human Services (HHS) releasing its Security Risk Assessment Tool has spurred diverse opinions as to how healthcare organizations should use the tool as part of their compliance strategy as well as audit preparation....

Employees file class suit against UPMC following data breach

by Patrick Ouellette

Employees affected by the University of Pittsburgh Medical Center (UPMC) data breach have filed a class action lawsuit against UPMC and its payroll vendor, Ultimate Software Group. The suit says that UPMC and the vendor breached its duty to protect...

HHS deals out largest-ever $4.8M HIPAA violation settlement

by Patrick Ouellette

The Department of Health and Human Services (HHS) announced yesterday that it had handed out $4.8 million worth of HIPAA fines to New York and Presbyterian Hospital (NYP) and Columbia University (CU) after they submitted a joint breach report...

Incorporating risk analysis into your HIPAA strategy

by Patrick Ouellette

In building a stout privacy and security compliance program that would stand up well to federal HIPAA audits, proactive healthcare organizations are generally rewarded when it comes to data breach avoidance and remediation. But an important piece...

OCR dismisses Walgreens ‘Well Experience’ HIPAA complaint

by Patrick Ouellette

The Office for Civil Rights (OCR) has officially completed its investigation into the Walgreens “Well Experience” program and dismissed the complaint filed by the activist group, Change to Win (CtW), after finding CtW’s patient privacy...

Molina Healthcare contractor mail error exposes patient data

by Patrick Ouellette

Molina Healthcare, a multi-state healthcare organization, reported on Friday that a postcard mailing error in March had resulted in 5,261 former members’ Social Security numbers being inadvertently exposed. According to the Albuquerque...

UMass Memorial Medical sends out patient data breach notices

by Patrick Ouellette

After taking nearly two months to flesh out a patient data breach involving inappropriate internal access, UMass Memorial Medical Center (UMMMC) of Worcester, Mass. announced this week that it had alerted more than 2,400 affected patients of...

Centura Health alerts 1,000 patients of phishing attack

by Patrick Ouellette

A data breach involving Mercy Regional Medical Center of Durango, Colo. exemplifies the stark reality that phishing attacks have become more complex and difficult for even the most shrewd of users to pick out. Mercy employees, according to the...

Responding to a PHI breach with new technology, priorities

by Patrick Ouellette

James Furstenberg, Ferris State University IT Security Director, said he’s always wanted to be the person in charge of security at an organization after it had experienced a breach because the checkbooks open and the mentality and willingness...

Boston Medical Center transcription service exposes PHI

by Patrick Ouellette

Once it learned that 15,000 patients’ data had been exposed on its transcription service vendor’s website, Boston Medical Center (BMC) fired MDF Transcription Services and has sent breach notification letters to patients. The website...

Health data breach roundup: Tufts Health Plan, Iowa DHS

by Patrick Ouellette

Data breaches of all different shapes, sizes and victims are being reported on an almost daily basis, so it can be difficult to stay up to date on the latest breach incidents. HealthITSecurity.com has compiled a list of the latest breaches down...

Cybersecurity hackers target Boston Children’s Hospital

by Patrick Ouellette

Hackers have made multiple attempts to infiltrate Boston Children’s Hospital within the past month, according to a Boston Globe report. The hackers’ efforts were geared toward overloading the Children’s website and potentially...

How will HIPAA Risk Analysis tool factor into OCR audits?

by Patrick Ouellette

Slowly but surely, healthcare organizations are learning more about the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) HIPAA audits scheduled for the fall and many have downloaded the HIPAA Security Risk Analysis...

Coordinated Health data breach may impact 700 patients

by Patrick Ouellette

Coordinated Health reported this week that a data breach involving a stolen laptop belonging to an employee may have affected up to 700 patients. According to poconorecord.com, an employee in Bethlehem had left the laptop in their car and the...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks