Healthcare Information Security

Patient Privacy News

New Data Breach Notification Bill Lets States Keep Own Laws


Several Democratic senators have introduced a national data breach notification bill that will allow states to keep their own notification laws if they have more strict policies already in place. The Consumer Privacy Protection Act was introduced...

Phishing Attack Affects 3,300 Partners HealthCare Patients


Yet another phishing attack was announced this week, potentially affecting 3,300 patients at Partners HealthCare System, Inc. According to a company statement, the Massachusetts-based facility learned on November 25, 2014 that employees had fallen...

Exposed Medical Records Potentially Puts Patients At Risk


Healthcare facilities must ensure they have the latest privacy and security measures in place to prevent exposed medical records and work toward keeping data breach risks to a minimum. Along with the latest technological safeguards, covered entities...

Phishing Scam, Stolen Laptop Lead to Potential Data Breaches


Healthcare data breaches can be caused from a variety of incidents, such as an email phishing scam, misplaced medical records, and lost or stolen mobile devices. Without a comprehensive security plan and extensive understanding of HIPAA regulations,...

Ill. Data Breach Law Passes Senate, Includes Medical Data


The Illinois Senate passed a data breach law that now includes medical and health insurance data in its definition of “personal information.” The Personal Information Act, or SB 1833, was previously in place, but the new version amends certain...

Will NAIC Cybersecurity Regulations Affect Healthcare Industry?


The Cybersecurity (EX) Task Force of the National Association of Insurance Commissioners (NAIC) announced that it adopted new cybersecurity regulations, designed to help protect sensitive consumer information. The cybersecurity regulations highlight...

Second Email Phishing Scam Hits Ascension Health Facility


Another email phishing scam was reported at an Ascension Health facility, but it has not yet been said whether the two incidents are related. Seton Family of Hospitals, a division of Seton Healthcare Family (“Seton”), announced on...

How Rush Medical Stays HIPAA Compliant, Uses Cybersecurity


Staying HIPAA compliant is not always an easy task, especially as new technological options develop, such as cloud computing, mobile devices, and EMRs. Rush University Medical Center has altered its cybersecurity measures over the last few years...

PHI Compromised in Email Phishing Scam


No healthcare organization, whether a provider or insurer, wants to have PHI compromised. However, even with the necessary security measures in place and thorough employee training programs, incidents can still occur. That is the case at an Indiana...

PHI Incidents Decrease 65% in March for VA


The number of PHI incidents affecting veterans decreased by approximately 65 percent in March, according to the Department of Veterans Affairs (VA) latest report to Congress. In February, the VA reported that of the 891 veterans affected by a...

Data Breach Notification Law Passes Unanimously in Wash.


The Washington state Senate unanimously passed the proposed data breach notification law last week by a 47-0 vote. HB 1078 is designed to “strengthen the data breach notification requirements to better safeguard personal information, prevent...

Breaches Shift from Device Theft to Cybersecurity Threats


Healthcare cybersecurity threats are an increasing issue for the industry, but healthcare data breaches can occur in numerous ways. An apparent shift is underway though, as the major cause of health data breaches is not necessarily due to device...

ONC Releases Electronic Health IT Privacy, Security Guide


The Office of the National Coordinator for Health Information Technology (ONC) released an updated version of its guide on electronic health IT privacy and security earlier this week. The guide outlines ways for covered entities to properly integrate...

Stronger Data Breach Laws Needed, Say Wash. Leaders


In the wake of the Premera Blue Cross and Anthem, Inc. data breaches, Washington’s attorney general and two lawmakers are calling for stronger data breach laws. Attorney General Bob Ferguson, Sen. John Braun, and  Rep. Zack Hudgins...

How Health Data Privacy, Regulations Affect Data Exchange


Health data privacy concerns are consistently cited as a potential drawback or concern to data exchange programs. Covered entities must ensure that as they implement data exchange, and work toward interoperability, that patient data stays secure....

NIST Cybersecurity, Data Privacy Report Open for Comments


The National Institute of Standards and Technology (NIST) drafted a report from the Executive Technical Workshop on Improving Cybersecurity and Consumer Privacy, and the NIST cybersecurity draft focuses on how data is securely transmitted. “We’d...

Industry Leaders Discuss Data Privacy in Stage 3 MU


The Stage 3 Meaningful Use proposal had a large focus on EHR interoperability and data quality. However, keeping patient health information secure was still a top priority in CMS’ recently published draft, as Stage 3 MU will continue to ensure...

Data Breach Lawsuit Against Horizon BCBS Dismissed


The class action data breach lawsuit against Horizon Blue Cross Blue Shield of New Jersey was dismissed on March 31, with the judge citing that an injury sufficient to confer standing was not proven. According to New Jersey U.S. District Judge...

Prioritizing Patient Privacy Essential with EHR Transition


As more healthcare providers and hospitals implement EHRs and connect to HIEs, prioritizing patient privacy must remain a top priority. Individuals need to not only feel confident in that they will receive quality care, but also that their sensitive...

De-Identification of Data: Breaking Down HIPAA Rules


The de-identification of data is an important part of healthcare technology, especially as the use of EHRs and HIEs becomes more prominent. The HIPAA Privacy Rule states that once data has been de-identified, covered entities can use or disclose...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks