Healthcare Information Security

Data Encryption

PHI Security Could Be At Risk in Boston Scientific Medical Device

October 26, 2017 - A Boston Scientific medical device was found to have a vulnerability that could compromise PHI security, according to Whitescope researchers Jonathan Butts and Billy Rios. The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) stated in an online advisory that two vulnerabilities were found in Boston Scientific’s ZOOM LATITUDE...


More Articles

OPM Data Breach Controls Improved, Further Action Required

by Elizabeth Snell

The Office of Personnel Management (OPM) has made improvements in its data security, but a Government Accountability Office (GAO) report still outlined several areas where OPM data breach controls can be strengthened. The 2015 OPM data breaches...

Healthcare Data Encryption not ‘Required,’ but Very Necessary

by Elizabeth Snell

Healthcare cybersecurity is essential for covered entities of all sizes, especially as ransomware attacks and other types of malware become more common. Healthcare data encryption is often discussed in these situations as well, with many in the...

TN Updates Data Breach Notification Law for Encrypted Data

by Elizabeth Snell

Any person or business that conducts business in Tennessee is only required give data breach notification if the information acquired was unencrypted, according to a recently passed amendment. Amended Senate Bill 547 states that encrypted data...

2013 Horizon BCBS Data Breach Leads to $1.1M Settlement

by Elizabeth Snell

Horizon Healthcare Service, Inc., which operates as Horizon Blue Cross Blue Shield of New Jersey (Horizon BCBSNJ), recently agreed to a $1.1 million settlement for data breach allegations from 2013. Along with the payment, Horizon BCBSNJ must...

Children’s Medical Center Issued $3.2M OCR HIPAA Penalty

by Elizabeth Snell

Children’s Medical Center of Dallas (Children’s) was recently given an OCR HIPAA civil money penalty due to ePHI disclosure and several years of HIPAA non-compliance, according to a Department of Health and Human Services (HHS) release....

Data Encryption Workgroup Report Discusses Privacy Concerns

by Elizabeth Snell

It is important to remember that there is not a “one-size-fits-all” answer or a “solution” to the debate over whether or not data encryption should be utilized by organizations or the government, the bipartisan Encryption...

How Evolving Cyber Threats Affect Health Data Encryption

by Elizabeth Snell

Data encryption options are quickly becoming a top security choice for healthcare organizations that are looking to remain innovative but still keep patient data out of the wrong hands. With a recent survey showing the quick growth of the global...

Encryption Aspect Amended in CA Data Breach Notification Law

by Elizabeth Snell

Starting in 2017, data breach notification will be required for instances when encrypted personal information of California residents has been breached and certain conditions are met, according to a recently amended state law. Previously, California’s...

Can SSL Decryption Prevent Healthcare Data Breaches?

by Elizabeth Snell

Utilizing data encryption methods is often touted as a way to prevent healthcare data breaches, as it could help prevent sensitive information from being easily accessible. Preventing and even preventing network attacks should be a top priority...

How Unvalidated Encryption Threatens Patient Data Security

by Ray Potter of SafeLogic

Technology vendors building solutions for deployment in healthcare love to talk about encryption and how it can help patient data security. It’s the silver bullet that allows physicians and patients alike to embrace new apps and tools....

Neb. Data Breach Notification Law Clarifies Encryption Aspect

by Elizabeth Snell

Nebraska Governor Pete Ricketts signed an amended version of the state’s data breach notification law last month, which further clarifies the data encryption exemption and expands the definition of personal information. LB835 made changes...

Staying HIPAA Compliant While Using Health Data Encryption

by Jon Senger of Vertiscale

Many people may be surprised to learn that HIPAA laws do not require any specific type of health data encryption. However, regulatory updates since the Security Rule’s enactment have shown how critical HHS thinks encryption is, and for...

CA Data Breach Report: Healthcare Data Encryption Necessary

by Elizabeth Snell

Healthcare data encryption is a “particular imperative,” and one that should also be considered for other organizations when it comes to protecting personal data stored on laptops, desktop computers, and mobile devices, according...

Why Healthcare Data Security is No Longer ‘Just an IT Issue’

by Elizabeth Snell

Prioritizing healthcare data security is something that covered entities of all sizes must be currently doing, especially as more organizations implement mobile devices, connect to HIEs, and begin to use connected medical devices. This is why...

WEDI President and CEO Devin Jopp Resigns

by Elizabeth Snell

The Workgroup for Electronic Data Interchange (WEDI) announced today that President and CEO Devin Jopp, Ed.D. is resigning. The WEDI Board of Directors has formed a search committee to identify a replacement, according to a company statement,...

FTC Settles Dental Software Patient Data Encryption Case

by Elizabeth Snell

The Federal Trade Commission (FTC) recently settled a case involving alleged misleading information about how a dental practice software company handled patient data encryption. Henry Schein Practice Solutions, Inc. (Schein) is required to pay...

Medical Info. Included in Nevada Data Breach Notification Law

by Elizabeth Snell

Nevada recently adjusted its definition of personal information in the state data breach notification law to also account for medical information. Governor Brian Sandoval signed AB 179 into law on May 13, 2015, and the legislation will go into...

Internal Data Encryption Lagging, Says WEDI Survey

by Elizabeth Snell

Internal data encryption, as well as at-rest data encryption, are two areas that healthcare facilities could improve upon, according to a recent Workgroup for Electronic Data Interchange (WEDI) survey. Results from the survey were discussed in...

Breaking Down HIPAA: Health Data Encryption Requirements

by Elizabeth Snell

Health data encryption is becoming an increasingly important issue, especially in the wake of large scale data breaches like Anthem, Inc. and Premera Blue Cross. The HIPAA Omnibus Rule improved patient privacy protections, gave individuals new...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks