Healthcare Information Security

Data Breach Management

Creating a Healthcare Security Incident Reporting Process

July 10, 2017 - With the recent wave of ransomware attacks, hacking attempts, and unauthorized disclosures, healthcare organizations have more opportunities to exercise their incident management plans. Unfortunately, these same organizations are learning the hard way that the probability of a successful response and recovery is dependent on prior investments in testing and staff training. For this reason,...

More Articles

Va. Data Breach Legislation Update Accounts for Payroll Data

by Elizabeth Snell

Virginia recently updated its data breach legislation to require notification should payroll data become compromised. The amended statute applies to employers or payroll service providers who experience unauthorized access and acquisition of...

Do Healthcare Data Breach Lawsuits Have Reasonable Standards?

by Elizabeth Snell

Being able to prove fault in a healthcare data breach class action lawsuit is inherently difficult, but it is also important to understand the privacy expectations, according to a recent Corporate Clients Insight blog post. Data breach cases...

TN Updates Data Breach Notification Law for Encrypted Data

by Elizabeth Snell

Any person or business that conducts business in Tennessee is only required give data breach notification if the information acquired was unencrypted, according to a recently passed amendment. Amended Senate Bill 547 states that encrypted data...

Mass. Launches Online Data Breach Notification Archive

by Elizabeth Snell

As part of the recently updated Massachusetts Public Records Law, the state’s Office of Consumer Affairs and Business Regulation made its online Data Breach Notification Archive available to the public. Governor Charlie Baker signed the...

Companies Lacking Confidence in Data Breach Preparedness

by Elizabeth Snell

More organizations are implementing data breach preparedness plans, but a recent survey showed that those same companies are not entirely confident in their ability to recover from potential data security incidents. The fourth annual Is Your...

IL Data Breach Notification Law to Include Healthcare Data

by Jacqueline Belliveau

Last month, Illinois Governor Bruce Rauner signed several amendments to a data breach notification law that would impact healthcare data security regulations starting in 2017. Under the revised Personal Information Privacy Act, protected personal...

Proposed NY Data Breach Legislation Accounts for PHI Security

by Elizabeth Snell

Pending data breach legislation in New York could potentially affect the future of PHI security, as the proposed bill would include individuals’ medical information under its definition of personal information. If the bill passes, unsecured...

HITRUST Program Identifies Healthcare Cybersecurity Threats

by Jacqueline Belliveau

With a slew of new healthcare cybersecurity threats seemingly appearing each day, many organizations are struggling to proactively identify and protect themselves from unknown and more sophisticated cyber threats, like hospital ransomware. The...

Most 2016 Healthcare Data Breaches From Unauthorized Access

by Elizabeth Snell

Last year is often referred to as the “Year of the Hack” for healthcare, with the majority of healthcare data breaches being caused by third-party cyber attacks. The top three incidents alone combined to potentially affect nearly...

Rise In Healthcare Data Breaches Cost Industry $6.2 Billion

by Jacqueline Belliveau

As a new story about hospital ransomware or a stolen laptop containing PHI seemingly emerges every day, it comes as no surprise that healthcare data breaches have steadily increased in frequency and severity since 2010. Researchers at the Ponemon...

What is the Real Cost of a Healthcare Data Breach?

by Sean Doherty of TSC Advantage

The recent spate of ransomware attacks against hospitals have set a new precedent in healthcare cyber threats – literally holding data and operations ransom until paid.   While a ransom of $17,000 in the hard-to-track bitcoin...

Why Hospital Boards Must Understand Healthcare Cybersecurity

by Elizabeth Snell

As healthcare cybersecurity continues to evolve and become more intricate, hospital boards should ensure that they have a comprehensive understanding of the necessary data breach prevention measures. One of the important things that hospital...

Are Third-Parties Compromising Healthcare Data Security?

by Jacqueline Belliveau

With the recent spike in healthcare data breaches, it is pertinent that healthcare organizations implement and understand healthcare data security positions of third-party vendors, but most companies claim that they do not have the resources...

Are State Health Data Breach Notification Laws Needed?

by Elizabeth Snell

State healthcare data breach notification laws are not always thought of first in covered entities’ approaches to their data security plans, as HIPAA regulations are likely top concerns. However, organizations will also be held to state...

US Appeals Court Affirms FCA Healthcare Data Breach Case

by Elizabeth Snell

The US Court of Appeals for the Sixth District affirmed a district court’s dismissal of a healthcare data breach case that alleged there had been False Claims Act (FCA) violations. In United States ex rel. Sheldon v. Kettering Health Network,...

Medical Identity Theft Discussed in New RI Legislation

by Elizabeth Snell

Medical identity theft is just one potential issue that recent Rhode Island legislation hopes to solve. Set to go into effect on June 26, 2016, the new Rhode Island Identity Theft Protection Act requires businesses and organizations of all sizes...

Student PHI Security, Data Breaches Addressed in Calif. Guide

by Elizabeth Snell

To better address student PHI security, data breach protocol, and other data privacy and security issues, The California County Superintendents Educational Services Association (CCSESA) recently released a guidebook to assist the state’s...

Health Data Breaches Account for 21% of Total Incidents

by Elizabeth Snell

Health data breaches continued to account for the most amount of data breaches for the first half of 2015, according to Gemalto’s Breach Level Index. Specifically, health data breaches accounted for 21.1 percent of the total number of incidents,...

Why Prompt Health Data Breach Notification is Essential

by Elizabeth Snell

Proper health data breach notification is a critical aspect of HIPAA that healthcare organizations must adhere to. Along with federal laws, there are often state and local data breach notification requirements that must also be followed. Without...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks