Healthcare Information Security


Healthcare data breach trends: Preparing and reporting

by Nicole Freeman

With data breaches on the rise, Experian has released a “2014 Data Breach Industry Forecast” featuring predictions and tips for the healthcare industry and other sectors. There is no indication that data breaches will slow, and healthcare...

2014 Cyber Security Forecast: Significant healthcare trends

by Patrick Ouellette

Organizations across different industries will have to continue to be proactive about enhancing IT security measures in 2014, according to data breach management specialist Kroll Advisory Solutions. Kroll released its third annual Cyber Security...

FTC responds to LabMD’s motion for protective order

by Nicole Freeman

In the latest update in the battle between the Federal Trade Commission (FTC) and LabMD, a cancer detection facility, the FTC responded to LabMD’s attempts to throw out the FTC’s complaint and eliminate several subpoenas for discovery,...

Determining insurance liability after a health data breach

by Patrick Ouellette

When a healthcare provider endures a data breach, monetary damages quickly follow. Whether they’re receiving a fine as a result of a federal HIPAA violation or patients seek state-level damages in a class-action suit, these organizations...

UPMC mails patient data breach notification letters

by Patrick Ouellette

In addition to notifying the Department of Health and Human Services (HHS), the University of Pittsburgh Medical Center (UPMC) is alerting 1,300 patients via letter that their data was accessed by an unauthorized UPMC McKeesport employee. The...

UW Medicine notifies 90,000 patients of data breach

by Nicole Freeman

UW Medicine has notified nearly 90,000 patients of an October data breach involving malicious software (malware), according to A UW Medicine employee received and opened an email attachment containing malware, which took over the...

Florida physician group notifies 4,400 patients of breach

by Nicole Freeman

The Florida Digestive Health Specialists LLP has notified 4,400 patients of a data breach by a former employee, according to the Herald-Tribune. Protected health information including patient names, birthdates, phone numbers, and Social Security...

Over 8,000 UCSF patients notified of physician laptop theft

by Nicole Freeman

The University of California, San Francisco (UCSF) has notified 8,294 patients of the theft of a laptop from a physician’s car, according to The situation is highly reminiscent of a UCSF laptop theft from September 9. After...

Milwaukee files health data breach complaint with OCR

by Patrick Ouellette

Not surprisingly, the City of Milwaukee is trying to lay the proverbial hammer down on Dynacare, a clinical laboratory services company that lost a USB flash drive with unencrypted patient data. The data breach, which occurred on October 22,...

Calif. AG releases breach notification letter from 1999 incident

by Nicole Freeman

The California Attorney General’s Office released yesterday a copy of a data breach notification letter sent by California physician Kathleen E. Whisman to patients after the San Ramon, Calif. Police Department alerted her on April 11, 2013...

Over 1,000 notified of missing thumb drive, patient data

by Nicole Freeman

On Monday, Redwood Memorial Hospital of Fortuna, California mailed letters to 1,039 patients informing them of a missing thumb drive from the Cardiopulmonary Service Department that may have been storing protected health information (PHI), according...

Stormont-Vail HealthCare sends medical records to wrong patient

by Nicole Freeman

In an unusual set of circumstances, patient Lori Stein has reported a patient data breach at Stormont-Vail HealthCare System of Topeka, KS not involving data of her own. Stein went to an endocrinologist at Cotton-O’Neil Diabetes and Endocrinology...

Former Owensboro medical employee indicted for data breach

by Patrick Ouellette

As a result of former Owensboro Medical Health System (of Kentucky) employee Ilene W. Bullington selling patient information from February 2010 and August 2012, she was indicted by a federal grand jury last Wednesday. Bullington was indicted...

Citrix, VMware offer software assisting HIPAA compliance

by Nicole Freeman

New Citrix ShareFile Cloud aids HIPAA compliance Citrix ShareFile Cloud for Healthcare, Citrix’s virtual private cloud offering for file sharing, is now available to healthcare organizations looking to secure and manage protected health...

Froedtert Health, Dynacare investigate patient data breach

by Patrick Ouellette

Froedtert Health’s Workforce Health, a healthcare organization, and contractor Dynacare, a clinical laboratory services company, are working toward resolving a recent data breach involving Milwaukee city employees. Dynacare recently lost...

The healthcare USB storage device security conundrum

by A.N. Ananth

The storage capacity and portability of universal serial bus (USB) devices has made them efficient and useful tools for the modern enterprise. Storage devices such as USB sticks, pens or thumb drives are popular ways to store large data files...

Google Helpouts health services: HIPAA considerations

by Patrick Ouellette

Google has certainly come a long way in regards to HIPAA business associate agreements (BAAs). Despite being previously notorious for being unwilling to sign BAAs with healthcare providers, Google began offering BAAs for Google Apps on September...

AMA primer on patient data encryption: Physician FAQ

by Patrick Ouellette

The American Medical Association (AMA) published a number of helpful health IT security resources in September before the HIPAA Omnibus Rule became mandatory, such as its HIPAA toolkit. Among those items was a frequently asked questions (FAQ)...

Rotech Healthcare reports three-year-old patient data breach

by Patrick Ouellette

Three years after the original data breach occurred, Rotech Healthcare, Inc. sent a breach notification letter to the New Hampshire Attorney General’s Office. Back on November 26, 2010, an employee who left the organization took internal files...

DaVita tells 11,500 patients, employees of laptop theft

by Patrick Ouellette

Laptop theft continues to be a major source of healthcare data breaches, as DaVita, a Colorado-based kidney care company, is alerting 11,500 patients and some employees of a breach, according to a notice on the Davita website. An employee’s...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks