Healthcare Information Security

PHI Security

OCR Clarifies PHI Disclosure Guidance in HIPAA Privacy Rule

January 10, 2017 - Partially due to legal confusion following the 2016 Orlando nightclub shooting, the Office for Civil Rights (OCR) has released an FAQ clarifying certain aspects of PHI disclosure policies with patients’ loved ones under the HIPAA Privacy Rule. The FAQ is applicable in numerous situations, but OCR explained in an email that the incident in Orlando brought forth questions about “disclosures...


More Articles

OCR Clarifies PHI Disclosure Guidance in HIPAA Privacy Rule

by Elizabeth Snell

Partially due to legal confusion following the 2016 Orlando nightclub shooting, the Office for Civil Rights (OCR) has released an FAQ clarifying certain aspects of PHI disclosure policies with patients’ loved ones under the HIPAA Privacy...

LabMD Files Review Petition Against Data Breach Allegations

by Elizabeth Snell

LabMD filed a petition for review on December 27, 2016, following a U.S. federal appeals court granting a stay of an FTC order in the continuing battle between the two parties over data breach allegations. The U.S. Court of Appeals for the 11th...

Protecting Healthcare Physical Assets Containing PHI

by Bill Kleyman

Administrators are actively looking into more ways to protect their virtual machines, their data points, and all of those logical resources that the organization relies upon. As the healthcare entity becomes even more digitized, we must never...

Records Containing PHI Stolen from TX Orthaepedic Facility

by Kate Monica

On December 15th, Oak Cliff Orthopaedic Associates announced a theft involving records containing personal PHI from the years 2006 to 2007. According to a report from Oak Cliff, the Lewisville Police Department has since located and returned...

Secure Texting Rules Clarified in Joint Commission Newsletter

by Elizabeth Snell

Using secure texting for patient care orders is still not acceptable, the Joint Commission explained in its December newsletter. While the Joint Commission had reinstated its ban on the mHealth platform earlier this year, it stated that some...

Health IT Overconfident in Data Breach Detection, Remediation

by Elizabeth Snell

Being able to detect, react, and mitigate a data breach is essential for any healthcare organization. However, a recent Tripwire survey found that health IT professionals are in fact overconfident in their ability to collect the necessary data...

Unencrypted Flash Drive Lost, Privacy Incident for 2K

by Elizabeth Snell

OptumHealth New Mexico reported on November 17, 2016 that it experienced a privacy incident affecting approximately 2,000 individuals when an unencrypted flash drive was lost. OptumHealth said that it was notified on September 26, 2016 that a...

A Practical Guide to Healthcare Disaster Recovery Planning

by Jeremy Molnar of CynergisTek, Inc.

This year, healthcare has been hit by multiple cyber events that have demonstrated the importance of and just how critical contingency planning is to providing care. Furthermore, massive DDoS attacks using the thousands of IoT devices connected...

HIPAA Privacy Changes Not in Recent 21st Century Cures Act

by Elizabeth Snell

The House of Representatives passed the 21st Century Cures Act yesterday with a vote of 392 to 26. This latest version of the legislation did not include wording that could have made it possible to change the HIPAA Privacy Rule and potentially...

PHI Data Breach Stems from Computer Hacking at GA Entity

by Elizabeth Snell

Georgia-based Vascular Surgical Associates recently announced on its website that it had experienced a PHI data breach after one of its computer servers was accessed by an outside party. The incident happened around the time of a software update,...

Protect Healthcare Data with User Training, Secure Systems

by Bill Kleyman

As covered entities and business associates of all sizes work to protect healthcare data, there are numerous aspects to consider, especially as cybsecurity threats continue to evolve and become more sophisticated.  We often focus on major...

Are Stolen Medical Records Still Worth More Than Financial Data?

by Elizabeth Snell

Healthcare data breaches can be harmful to not only the organizations that experience an incident, but also to patients who may have had their information inappropriately accessed. However, a recent report shows that stolen medical records are...

Pharmaceutical Leaders Sentenced for HIPAA Violations, Fraud

by Elizabeth Snell

Three former district managers of a pharmaceutical firm have been sentenced for their connection in committing HIPAA violations and healthcare fraud, according to a release from the District of Massachusetts U.S. Attorney’s Office (USAO)....

Health Data Hacking Incident Affects 29K at Texas Hospital

by Elizabeth Snell

Texas-based Integrity Transitional Hospital recently reported a health data hacking incident that may have affected the information of 29,514 patients, according to the Office for Civil Rights data breach reporting tool. Integrity explained in...

PHI Access Challenges Addressed in Recent ONC Resources

by Elizabeth Snell

Healthcare organizations face numerous potential PHI access challenges, especially as more entities continue to adopt new EHRs, according to the Office of the National Coordinator (ONC). That is why ONC wanted to ensure that covered entities...

Phishing Scam Creates Potential Patient Data Exposure in MA

by Elizabeth Snell

Massachusetts-based Baystate Health recently announced that several of its employees had fallen victim to a phishing scam, which potentially exposed the information of approximately 13,000 patients. Baystate learned on August 22, 2016 that five...

Why Businesses Must Adhere to FTC Act and HIPAA Privacy Rule

by Elizabeth Snell

Businesses that collect and share consumer health information need to not only be mindful of the HIPAA Privacy Rule, but must also adhere to the FTC Act. The Federal Trade Commission (FTC) released new guidance on key privacy and security considerations...

Potential CalOptima PHI Data Breach Affects 56K Members

by Elizabeth Snell

The California health system CalOptima is reporting a potential PHI data breach stemming from an August 17, 2016 incident. This is the second data security incident CalOptima has reported in the last month. The most recent incident when “a...

Will CMS Improve Patient Data Security with SSNRI?

by Elizabeth Snell

One aspect to the Medicare Access and CHIP Reauthorization Act (MACRA) of 2015 could affect patient data security measures, as it requires healthcare organizations to remove Social Security Numbers (SSNs) from all Medicare cards by April 2019....

Considering Healthcare Data Privacy with Health Data Sharing

by Elizabeth Snell

Information sharing is not without certain healthcare data privacy risks, but the potential rewards should be understood so individuals can make an educated choice when considering the trade off, according to Dr. Joseph Kvedar. In a recent blog...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks