Healthcare Information Security

Data Breach Management

Alabama Last US State to Enact Data Breach Notification Law

April 4, 2018 - Alabama Governor Kay Ivey has inked a data breach notification law that requires organizations and agencies to notify data breach victims within 45 days, becoming the last US state to enact such a statute. The law, which takes effect May 1, includes medical and health insurance information in the definition of “personally identifying information” subject to notification. In...


More Articles

Attorneys General Stress Need for State Data Breach Laws

by Elizabeth Snell

It would be greatly detrimental to have federal regulations that preempt state data security and state data breach laws, according to a group of 32 attorneys general, led by Illinois Attorney General Lisa Madigan. The letter explains concerns...

Utilizing Holistic Cybersecurity Measures Against Evolving Threats

by Elizabeth Snell

It is essential for healthcare providers to evolve their cybersecurity program to stay ahead of evolving threats, utilizing holistic cybersecurity measures that focus on prevention, detection, and response. That was the focus of a HIMSS18 education...

Alabama Data Breach Notification Act Accounts for Medical Data

by Elizabeth Snell

Alabama may soon join 48 other states in having its own state data breach notification legislation, as the Alabama Senate passed a bill earlier this month that would require companies to provide notice should they experience a breach. The Alabama...

Insufficient Staffing, Education Hinders Healthcare Cybersecurity

by Elizabeth Snell

Hospitals and payer organizations could make major strides in improving their healthcare cybersecurity measures by hiring the right staff members and by implementing comprehensive employee education and training, according to a Merlin International...

MA Data Breach Reporting Tool Aids in Notification Process

by Elizabeth Snell

Massachusetts businesses and organizations that need to complete the data breach notification process will now be able to do so through an online data breach reporting tool. Massachusetts Attorney General Maura Healey explained in a statement...

How Much Do Healthcare Data Breaches Cost Organizations?

by Elizabeth Snell

Healthcare data breaches can be devastating for any covered entity, but the subsequent recovery costs are often quite expensive. Implementing technological tools to aid in prevention and detection measures are not cheap, but not taking necessary...

Prevent Healthcare Phishing with Employee Security Training

by Elizabeth Snell

Implementing a strong employee security training program is consistently noted as a key way for covered entities to prevent healthcare phishing attacks. Organizations of all sizes need to ensure that staff members can recognize malicious emails...

57% of Orgs Spend Money on Endpoint, Mobile Security Technologies

by Elizabeth Snell

With data breaches on the rise, organizations are increasingly turning to cloud, big data, Internet of Things (IoT), container, blockchain and/or mobile environments, recent research shows. Furthermore, over half of surveyed entities are focusing...

New York Reaches $1.15M Settlement over Aetna Data Breach

by Elizabeth Snell

New York Attorney General Eric Schneiderman announced that a $1.15 million settlement has been reached following the Aetna data breach that occurred in 2017. Aetna sent letters to patients in the mail back in July 2017. Information about ordering...

Why Providers Need a Disaster Recovery Plan for EHR Security

by Elizabeth Snell

Whether healthcare providers are working to prepare for potential natural disasters like hurricanes or manmade cybersecurity issues (i.e., ransomware attacks, insider data breaches) having a disaster recovery plan is essential. Entities of all...

What Precedent Will Be Set in CareFirst Data Breach Case?

by Elizabeth Snell

The flood gates could potentially be opened for “no-injury class actions arising from virtually every data breach” if the US Supreme Court does not reaffirm the Washington DC circuit court’s decision with the CareFirst data...

NC Data Breach Legislation Accounts for Ransomware Attacks

by Elizabeth Snell

Following an increase in reported state data breaches in 2017, North Carolina’s attorney general and a state representative introduced data breach legislation to better protect individuals. The updated Act to Strengthen Identity Theft Protections...

Potential WV Health Data Breach from Laptop Theft Affects 43K

by Elizabeth Snell

West Virginia-based Coplin Health Systems recently reported a possible health data breach after it discovered that a laptop potentially containing personal health information was stolen. The device was stolen from an employee’s automobile...

Are Orgs Filling Necessary Healthcare Cybersecurity Roles?

by Elizabeth Snell

Without the right healthcare cybersecurity roles being filled at covered entities, it can be more difficult for organizations to ensure that sensitive data remains secure. Along with CISOs, privacy officers, and compliance officers, entities...

5 Tips for a Strong Healthcare Data Breach Response

by Bill Kleyman

No one wants to experience an active security situation. A data breach will result in numerous sleepless nights, big expenses, and lots of lost confidence. The challenge, however, is that healthcare data is just so valuable. In the 2017 Ponemon...

Senator Urges Prompt Data Breach Disclosure in Recent Bill

by Elizabeth Snell

Florida Senator Bill Nelson introduced legislation toward the end of November 2017 that would require organizations to adhere to a more prompt data breach disclosure process. Companies that do not follow the requirements and attempt to deliberately...

Survey Shows US Cybersecurity Attacks Costing Orgs More Money

by Elizabeth Snell

More US-based organizations are investing in their IT security and physical security measures, but the costs of cybersecurity attacks are still on the rise, according to recent research. CSO, the CERT Division of the Software Engineering...

Improve Healthcare Data Security with a Strong Backup Strategy

by Bill Kleyman

In working with healthcare organizations, there are constantly two topics that are brought up: healthcare data security and resiliency. Of course, there are other conversations around user experience, cloud, and so on. However, a major outage...

Single National Data Breach Notification Standard Proposed

by Elizabeth Snell

A recently proposed bill calls for a single national data breach notification standard, which would replace the existing state notification laws and “clarify and strengthen” organizations’ reporting obligations. Rhode Island...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks