Healthcare Information Security

HIPAA

How a community hospital CIO stays ahead of the security curve

by Patrick Ouellette

When a smaller community hospital doesn’t necessarily have the same level of funding and resources as a larger hospital or healthcare network, it’s forced to maximize what it already has in place while staying in line with federal...

Phishing attack exposes Franciscan Health System patient data

by Patrick Ouellette

Despite the growing number of threats that healthcare security professionals must stay current with, many are making concerted efforts to devote time and resources to preventing human error breaches, including phishing attacks. It appears as...

Palomar Health notifies 5,000 patients of health data breach

by Patrick Ouellette

Following a burglary of a laptop and two flash drives back in late February, Palomar Health of California announced that about 5,000 patients’ data was exposed in the breach. According to U-T San Diego, the devices had been stolen from...

ONC, OCR release new HIPAA security risk assessment tool

by Patrick Ouellette

After previewing the new security risk assessment (SRA) tool at HIMSS14, the Office of the National Coordinator for Health Information Technology (ONC) and Office for Civil Rights (OCR) announced the official release of the tool today. “We...

UK Health reports 1,079-patient data breach

by Patrick Ouellette

University of Kentucky (UK) Healthcare has alerted 1,079 patients of a February 4, 2014 data breach involving one of its vendor HIPAA business associates (BAs). The UK HealthCare billing services vendor, Talyst, reported to UK that a password...

Report: Walgreens ‘Well Experience’ exposed patient data

by Patrick Ouellette

Even when an organization such as Walgreens that handles protected health information (PHI) tries to improve the consumer experience, it must tread lightly in doing so. Within the past year or so, Walgreens has released its “Well Experience”...

HHS: Monroeville, Pa. did not breach HIPAA regulations

by Patrick Ouellette

As much as healthcare organizations, as well as the public HIPAA covered entities that handle patient data in some form, keep track of data breaches and government penalties for compliance failures, an organization being absolved of HIPAA breach...

Effective and secure internal communication key for hospitals

by Patrick Ouellette

Those in charge of information technology within healthcare organizations can’t fall into the trap of concentrating on one area of need when it comes to security, which can prove to be difficult when specific incidents pop up. Instead,...

Stanford Hospital, BAs agree to $4 million breach settlement

by Patrick Ouellette

As a result of a data breach that occurred back in 2010, Stanford Hospital & Clinics and a former contractor will reportedly have to dole out more than $4 million to settle a class action lawsuit. According to the San Jose Mercury News, 20,000...

Calculating mental health data exposure ramifications

by Patrick Ouellette

When discussing patient privacy, mental and behavioral health records have a higher standard of care because of the sensitive nature of the information. Mental health patients have the subjective right to decide what is and isn’t available...

UCSF 9,986 patients of data breach

by Nicole Freeman

UC San Francisco (UCSF) reported that computers were stolen from UCSF Family Medicine Center at Lakeshore around January 11, according to a statement on its website. While it is unclear how many devices were involved in the incident, UCSF has...

St. Joseph Health releases data from 11,800 patients

by Nicole Freeman

A St. Joseph Health of California employee accidentally sent patient protected health information (PHI) to healthcare investment firm Cain Brothers in February, according to a report from The Press Democrat. The data, which related to home health...

Tiger Team finalizes V/D/T advice, begins DS4P discussion

by Patrick Ouellette

The HIT Policy Committee Privacy & Security Tiger Team had a lot on its agenda during Monday’s meeting, as it had to finalize view/download/transmit (V/D/T) recommendations and begin discussion on future work with the Data Segmentation...

Human error tops Ponemon patient data security study threats

by Patrick Ouellette

The Ponemon Institute’s fourth annual Patient Privacy & Data Security Study reviewed new and expanded threats of patient data security and privacy. Based on the results of the study, human error continues to be the biggest source of...

Cornerstone Neurology data breach affects 548 patients

by Nicole Freeman

Cornerstone Health Care in High Point, North Carolina reported a laptop containing information from 548 patients stolen from Cornerstone Neurology, according to a report from The Business Journal. The laptop disappeared sometime between December...

United Healthcare, Roper Hospital fax breach update

by Nicole Freeman

After mistakenly receiving faxes from a Wisconsin hospital for over a year, Oregon man Stephen Butler discovered that a second hospital, Roper Hospital in Charleston, South Carolina, has sent him a fax containing protected health information...

Iowa DHS reports data breach affects 2,042 clients

by Nicole Freeman

The Iowa Department of Human Services (DHS) has reported a data breach that compromised 2,042 individuals’ protected health information (PHI). The breach stemmed from DHS employees acting inappropriately while performing social work assessments...

HIPAA audit preparation and compliance: BA effects on CEs

by Nicole Freeman

While the timetable for 2014 HIPAA audits has not been released, the Office for Civil Rights (OCR) has begun surveying covered entities and business associates (BAs) to gauge organizational preparedness for the upcoming OCR HIPAA Audit Program....

Los Angeles County DHS reveals 168,000 patient data breach

by Patrick Ouellette

The Los Angeles County Department of Health Services (DHS) recently announced that it has begun notifying 168,000 patients of a data breach at Sutherland Healthcare Solutions, which handles DHS’s billing and collections. Sutherland has...

HHS fines Skagit, Wash. $215K in first county HIPAA settlement

by Patrick Ouellette

As part of the first the first HIPAA violation settlement with a county government, the Department of Health and Human Services (HHS) announced today that Skagit County of Northwest Washington, agreed to a $215,000 monetary settlement and to...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks