Healthcare Information Security

Health IT Security and HIPAA News

73 Percent of Medical Professionals Share Passwords for EHR Access

by

A recent study examined the prevalence of password sharing among healthcare providers and found nearly three-quarters of surveyed medical professionals have used another staff member’s password to obtain EHR access at work. The study by...

Utilizing Secure Messaging in Disaster Recovery Planning

by

Healthcare organizations of all sizes know that it is important to hope for the best, but plan for the worst. Secure messaging tools are becoming an increasingly popular option for that approach, as it can give clinicians a quick and efficient...

Reviewing OCR HIPAA Guidance to Maintain Compliance

by

Covered entities should not be afraid to regularly review OCR HIPAA guidance and ensure that they remain compliant, even as they add new technologies into the daily workflow, according to OCR Senior Advisor for HIPAA Compliance and Enforcement...

Alabama Medicaid Data Security, Information Security Can Improve

by

Alabama's Medicaid Management Information System (MMIS) had an adopted security program, but there were still potential vulnerabilities stemming from lacking Medicaid data security, according to a recent OIG investigation. “These...

Neurology Foundation Unauthorized PHI Access Could Affect 12K

by

Rhode Island-based The Neurology Foundation, Inc. (Foundation) recently announced that an employee had been making unauthorized PHI access. The employee had been using a company credit card to make unauthorized purchases, but it was discovered...

Will Revised HIPAA Rules Encourage Greater Health Data Exchange?

by

Updating HITECH and the HIPAA Rules by having providers and EHR vendors charge fees for health data exchange would help promote interoperability, according to Brookings Institution Non-Resident Fellow Niam Yaraghi. The current regulatory framework...

Data Security Top Reason Hospitals Prohibit Healthcare BYOD

by

More hospitals are allowing healthcare BYOD policies, but data security is the top reason why an organization would prohibit such policies from being implemented, according to a recent Spok survey. Spok interviewed more than 350 healthcare leaders...

How Vendors, Providers Can Create Strong Health Data Security

by

When it comes to maintaining HIPAA compliance, both healthcare providers and their chosen third-party vendors – or business associates – need to work together for comprehensive and current health data security. Compliance can get...

Focusing on Healthcare IoT Security with Expanding Market

by

The Internet of Things (IoT) is quickly becoming a more attractive option to organizations across sectors, but IoT security, standards, interoperability, and cost are still key concerns for executives, a recent report found. Verizon’s State...

EHRA: Health Data Sharing Not Aided with Regulatory Penalties

by

Advocating for penalizations for providers and EHR developers is the wrong approach for encouraging health data sharing, according to a recent EHR Association (EHRA) blog post. Written in response to a Health Affairs post by former ONC Chief...

HITRUST Urges Collaboration for Improved Healthcare Cybersecurity

by

HITRUST held its first Community Extension Program meeting last week at Tufts Medical Center in downtown Boston, talking challenges, best practices, and lessons learned in healthcare risk management programs. One of the overarching goals of the...

Top 3 Health Data Breaches Impact Nearly 1.5M Individuals

by

Hacking and IT security issues, including phishing scams and ransomware attacks, are still the leading causes for the largest health data breaches in 2017, according to data from OCR. The three largest incidents thus far – two of which...

Using Threat Intelligence to Improve Healthcare Cybersecurity

by

While 84 percent of organizations consider threat intelligence “essential to a strong security posture,” entities admit that the large amount of threat data and a lack of staff expertise lower their threat program effectiveness, according...

CO Hospital Email Breach Possibly Exposes PHI of 3.4K Families

by

Children’s Hospital Colorado recently informed patients of a potential security breach possibly affecting the PHI of nearly 3,400 patient families. On July 11, 2017, Children’s Colorado discovered an employee’s email account...

Why Guidance is Critical for Strengthening Healthcare Cybersecurity

by

Healthcare providers must adhere to HIPAA rules and required state regulation with regard to maintaining data security. But not all regulations are specific in how covered entities should approach healthcare cybersecurity in an evolving industry....

How HIPAA Rules Apply with Law Enforcement Investigations

by

HIPAA rules are meant to protect patient information, but what happens when there is a law enforcement investigation? Are police officers allowed to demand PHI without a warrant? That issue was brought forth in August 2017 when video was released...

Mount Sinai St. Luke’s Sued Following HIPAA Violation

by

New York-based Mount Sinai St. Luke’s Hospital is being sued for faxing patient PHI to the patient’s employer, a reported HIPAA violation that has already resulted in an OCR HIPAA settlement. The Law Offices of Jeffrey Lichtman represent...

ICS-CERT Reports Medfusion Medical Device Vulnerabilities

by

Recently discovered medical device vulnerabilities in infusion pumps could potentially allow a remote attacker to gain unauthorized access, affecting the pump’s intended operation, according to the Department of Homeland Security’s...

Medical Device Security Critical with FDA Interoperability Guide

by

Safely and effectively exchanging and using data is the key focus of the recent FDA guide on medical device security and interoperability. FDA explained that Design Considerations and Pre-market Submission Recommendations for Interoperable Medical...

3 Tips to Ensure Healthcare Data Security in Evolving Environment

by

There’s so much happening with new types of advanced security technologies. Healthcare data security teams must analyze solutions around on premise as well as cloud options. Furthermore, the granularity of security makes it a challenge...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks