Healthcare Information Security

PHI Security

Rehabilitation Facility Reports Patient Data Files Unattended

February 23, 2017 - Catalina Post-Acute and Rehabilitation recently became aware of an incident where paper files containing resident and employee information were left in an unattended area. The patient data files, along with certain employee information, were left temporarily vulnerable to possible unauthorized public access. The healthcare organization reported on its website that it found evidence on December...


More Articles

Rehabilitation Facility Reports Patient Data Files Unattended

by Kate Monica

Catalina Post-Acute and Rehabilitation recently became aware of an incident where paper files containing resident and employee information were left in an unattended area. The patient data files, along with certain employee information, were...

Nearly Half of Surveyed Patients Worried Over PHI Security

by Elizabeth Snell

With the majority of healthcare data breaches in 2016 stemming from either a hacking or IT-related incident or unauthorized access or disclosure, it should not be a surprise that more patients are concerned with their PHI security. The 2017 Xerox...

3 Key Steps for Stronger Data Security in Healthcare

by Bill Kleyman

There was a recent Forbes article that analyzed the findings from the Office for Civil Rights (OCR), which looked at the total number of breaches and impacted people in 2015. So, what did OCR find? In 2015, there were 253 healthcare breaches,...

Potentially Unencrypted Laptop Stolen from LA Hospital

by Kate Monica

On December 21, 2016, Children’s Hospital Los Angeles (CHLA) and Children’s Hospital Los Angeles Medical Group (CHLAMG) became aware of a potentially unencrypted laptop stolen on October 18, containing the personal health information...

DirectTrust PHI Sharing Increases 24% Since End of 2015

by Elizabeth Snell

The number of healthcare organizations using DirectTrust interoperability tools in 2016, including PHI sharing options, has seen significant growth, according to recent DirectTrust numbers. There were more than 98 million Direct message transactions...

OCR Clarifies PHI Disclosure Guidance in HIPAA Privacy Rule

by Elizabeth Snell

Partially due to legal confusion following the 2016 Orlando nightclub shooting, the Office for Civil Rights (OCR) has released an FAQ clarifying certain aspects of PHI disclosure policies with patients’ loved ones under the HIPAA Privacy...

LabMD Files Review Petition Against Data Breach Allegations

by Elizabeth Snell

LabMD filed a petition for review on December 27, 2016, following a U.S. federal appeals court granting a stay of an FTC order in the continuing battle between the two parties over data breach allegations. The U.S. Court of Appeals for the 11th...

Protecting Healthcare Physical Assets Containing PHI

by Bill Kleyman

Administrators are actively looking into more ways to protect their virtual machines, their data points, and all of those logical resources that the organization relies upon. As the healthcare entity becomes even more digitized, we must never...

Records Containing PHI Stolen from TX Orthaepedic Facility

by Kate Monica

On December 15th, Oak Cliff Orthopaedic Associates announced a theft involving records containing personal PHI from the years 2006 to 2007. According to a report from Oak Cliff, the Lewisville Police Department has since located and returned...

Secure Texting Rules Clarified in Joint Commission Newsletter

by Elizabeth Snell

Using secure texting for patient care orders is still not acceptable, the Joint Commission explained in its December newsletter. While the Joint Commission had reinstated its ban on the mHealth platform earlier this year, it stated that some...

Health IT Overconfident in Data Breach Detection, Remediation

by Elizabeth Snell

Being able to detect, react, and mitigate a data breach is essential for any healthcare organization. However, a recent Tripwire survey found that health IT professionals are in fact overconfident in their ability to collect the necessary data...

Unencrypted Flash Drive Lost, Privacy Incident for 2K

by Elizabeth Snell

OptumHealth New Mexico reported on November 17, 2016 that it experienced a privacy incident affecting approximately 2,000 individuals when an unencrypted flash drive was lost. OptumHealth said that it was notified on September 26, 2016 that a...

A Practical Guide to Healthcare Disaster Recovery Planning

by Jeremy Molnar of CynergisTek, Inc.

This year, healthcare has been hit by multiple cyber events that have demonstrated the importance of and just how critical contingency planning is to providing care. Furthermore, massive DDoS attacks using the thousands of IoT devices connected...

HIPAA Privacy Changes Not in Recent 21st Century Cures Act

by Elizabeth Snell

The House of Representatives passed the 21st Century Cures Act yesterday with a vote of 392 to 26. This latest version of the legislation did not include wording that could have made it possible to change the HIPAA Privacy Rule and potentially...

PHI Data Breach Stems from Computer Hacking at GA Entity

by Elizabeth Snell

Georgia-based Vascular Surgical Associates recently announced on its website that it had experienced a PHI data breach after one of its computer servers was accessed by an outside party. The incident happened around the time of a software update,...

Protect Healthcare Data with User Training, Secure Systems

by Bill Kleyman

As covered entities and business associates of all sizes work to protect healthcare data, there are numerous aspects to consider, especially as cybsecurity threats continue to evolve and become more sophisticated.  We often focus on major...

Are Stolen Medical Records Still Worth More Than Financial Data?

by Elizabeth Snell

Healthcare data breaches can be harmful to not only the organizations that experience an incident, but also to patients who may have had their information inappropriately accessed. However, a recent report shows that stolen medical records are...

Pharmaceutical Leaders Sentenced for HIPAA Violations, Fraud

by Elizabeth Snell

Three former district managers of a pharmaceutical firm have been sentenced for their connection in committing HIPAA violations and healthcare fraud, according to a release from the District of Massachusetts U.S. Attorney’s Office (USAO)....

Health Data Hacking Incident Affects 29K at Texas Hospital

by Elizabeth Snell

Texas-based Integrity Transitional Hospital recently reported a health data hacking incident that may have affected the information of 29,514 patients, according to the Office for Civil Rights data breach reporting tool. Integrity explained in...

PHI Access Challenges Addressed in Recent ONC Resources

by Elizabeth Snell

Healthcare organizations face numerous potential PHI access challenges, especially as more entities continue to adopt new EHRs, according to the Office of the National Coordinator (ONC). That is why ONC wanted to ensure that covered entities...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks