Healthcare Information Security

HIPAA

HISP primer for data exchange: Security certificate standards

by Patrick Ouellette

The term “Health Information Services Provider (HISP)” is thrown around fairly often when discussing health information exchange (HIE) and Direct transport. But the ins and outs of HISP communication, which includes issuing security...

What does UCLA HIV study mean for social media privacy?

by Patrick Ouellette

Social media is starting to be recognized as a valuable tool for predictive analytics in healthcare, but what are the potential privacy effects among users? A recent UCLA Medicine study that was published in peer-reviewed journal Preventive Medicine...

Patient information breached after office computer theft

by Nicole Freeman

An office break-in may have comprised the protected health information (PHI) of patients at Dr. J.M. Benson’s Sherman, Texas practice, according to a report from the Herald Democrat. The incident was reported on January 5, 2014. During the...

HL7 gives Tiger Team V/D/T privacy, security policy feedback

by Patrick Ouellette

The HIT Policy Committee Privacy & Security Tiger Team continued to review patients’ family, friends and personal representative access to Certified EHR Technology “view/download/transmit” (V/D/T) features during its recent February...

Palo Verde Healthcare reports internal data breach

by Patrick Ouellette

The Palo Verde Healthcare District (PVHD) recently alerted an unknown number of patients with letters that a HIPAA violation had occurred involving their protected health information (PHI). Four former PVHD administrator employees a civil lawsuit...

Faxing error causes United Healthcare breach

by Nicole Freeman

A Portland, Oregon man has been receiving erroneous faxes containing protected health information (PHI) from Community Memorial Hospital patients through an apparent error with United Healthcare, an insurance company, according to a report from...

Triple-S receives $6.8M fine for HIPAA violation

by Nicole Freeman

Triple-S Salud, a Puerto Rican managed care company, has been fined $6.8 million by the Medical Insurance Administration (ASES in Spanish) after a HIPAA violation, according to a report from Caribbean Business. The breach occurred last year....

HealthShare Montana to use Coalfire’s HIPAAcentral

by Nicole Freeman

HealthShare Montana, a non-profit state health information exchange (HIE), will be offering HIPAA compliance services to its participants throughout the state with Coalfire’s HIPAAcentral. Coalfire provides risk assessment and compliance management...

VA risk management team expects data breach in year ahead

by Nicole Freeman

A memo from the Department of Veterans Affairs (VA) has noted that the organization’s security standards are so lacking that a data breach is “practically unavoidable,” according to reports from CNBC and Military.com. The comment was made...

Factoring new technologies into healthcare risk analysis

by Patrick Ouellette

The HIMSS14 Conference down in Orlando this week will present an opportunity for vendors of all different sizes and specialties to display their offerings to their user audience. New technologies are being announced on what seems like an hourly...

Healthcare network access data found on file-sharing website

by Nicole Freeman

Documents containing information on how to access healthcare provider networks were found on the file-sharing website 4shared.com, known as source of information for hackers, according to a report from The Wall Street Journal. The files included...

HIMSS14: 10 healthcare data security challenges

by Mac McMillan

This week many of us will head off to the HIMSS14 annual conference in Orlando. For some this will represent a break from this years harsh winter weather, for others a welcome break from the routine and a chance to see what’s new, and for others...

Middlesex Hospital uses Splunk software for HIPAA compliance

by Nicole Freeman

Middlesex Hospital, a HIMSS Stage 6 hospital, is using Splunk Inc. real-time operational intelligence software to meet HIPAA and HITECH standards throughout its hospital IT network and to secure its electronic healthcare records (EHR). The...

(ISC)2 offers healthcare IT security and privacy training

by Nicole Freeman

(ISC)² (“ISC-squared”), a not-for-profit group of certified information and software security professionals, is offering a specialized program meeting its HealthCare Information Security and Privacy Practitioner (HCISPPSM) credential....

St. Vincent Hospital notifies 1,100 patients of laptop theft

by Nicole Freeman

Over 1,100 patients of St. Vincent Hospital in Indianapolis are being notified of a potential data breach after laptop being used with an EEG machine was reported missing, according to a report from WISHTV.com. The laptop, which was password-protected,...

HIMSS14 session preview: HIPAA security controls & analytics

by Nicole Freeman

While healthcare organizations are often warned of data breaches and the need for security measures, there may be concern as to what kinds of protection are needed. How much security is enough? What does each unique provider need to do to protect...

HIMSS14 session preview: Patient privacy trends

by Nicole Freeman

Protecting patient data should be a high priority for all healthcare providers, and the government continues to create policy regarding the protection and access of protected health information (PHI). The Department of Health and Human Services...

Organizations adding cyber insurance in lieu of data breaches

by Patrick Ouellette

With data breaches come heavy costs from both a financial and public relations perspective and organizations are beginning to prepare for the financial repercussions. The Boston Globe recently reported that, based on research done by Marsh LLC,...

HIMSS14 session preview: Encrypting data at rest

by Nicole Freeman

Healthcare providers often hear about the benefits of encrypting protect health information (PHI), and the data breaches that become more serious when information is unencrypted. Encrypting data at rest is required of HIPAA-covered entities per...

WEDI publishes health data breach notification tips

by Patrick Ouellette

The Workgroup for Electronic Data Interchange (WEDI) Privacy and Security Workgroup recently published its Breach Risk Assessment Issue Brief to offer reminders to healthcare organizations regarding the breach notification decision process. According...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks