Healthcare Information Security

Healthcare Breach Notifications

HHS Updates HIPAA Breach Reporting Tool, Empowers Consumers

July 25, 2017 - The recently updated HIPAA Breach Reporting Tool (HBRT) will highlight recent healthcare data breaches and help consumers learn how such incidents are investigated, according to OCR. The agency explained in a statement that the new HBRT “features improved navigation for both those looking for information on breaches and ease-of-use for organizations reporting incidents.” “The...


More Articles

$130K NY State Settlement from Late Data Breach Notification

by Elizabeth Snell

CoPilot Provider Support Services, Inc. recently agreed to a $130,000 settlement with New York after the company was found to have violated state data breach notification law, according to the New York Attorney General’s office. CoPilot...

OCR Highlights Proper Healthcare Cyberattack Response

by Elizabeth Snell

HIPAA covered entities and business associates must know the necessary steps to take following a healthcare cyberattack. Failing to either notify overseeing agencies or properly alert patients could lead to numerous issues for an organization....

OCR Newsletter Reviews Healthcare Cybersecurity Best Practices

by Elizabeth Snell

Even the most current and comprehensive security controls cannot guarantee that PHI security will never be compromised, which is why healthcare cybersecurity best practices should be regularly reviewed. OCR’s May cybersecurity newsletter...

Virginia Mason Patient Data Privacy Breach Leads to Lawsuit

by Elizabeth Snell

After receiving $8.5 million in a medical negligence lawsuit, a Washington couple is filing another lawsuit against Virginia Mason Medical Center for its alleged actions following a patient data privacy breach. Matthew and Sarah Hipps, MD, claim...

Va. Data Breach Legislation Update Accounts for Payroll Data

by Elizabeth Snell

Virginia recently updated its data breach legislation to require notification should payroll data become compromised. The amended statute applies to employers or payroll service providers who experience unauthorized access and acquisition of...

Do Healthcare Data Breach Lawsuits Have Reasonable Standards?

by Elizabeth Snell

Being able to prove fault in a healthcare data breach class action lawsuit is inherently difficult, but it is also important to understand the privacy expectations, according to a recent Corporate Clients Insight blog post. Data breach cases...

TN Updates Data Breach Notification Law for Encrypted Data

by Elizabeth Snell

Any person or business that conducts business in Tennessee is only required give data breach notification if the information acquired was unencrypted, according to a recently passed amendment. Amended Senate Bill 547 states that encrypted data...

N.M. Senate Committee Passes Data Breach Notification Bill

by Elizabeth Snell

A New Mexico data breach notification bill was recently passed by a state Senate Committee, and will move onto the Senate Judiciary Committee, according to the Los Alamos Daily Post.   Rep. Bill Rehm introduced House Bill 15, and explained...

Breach Notification Center of Presence Health HIPAA Settlement

by Elizabeth Snell

Healthcare network Presence Health recently agreed to a $475,000 OCR HIPAA settlement following a reported data breach and a subsequent delayed breach notification process. Presence submitted a breach notification report to OCR on January 31,...

Mass. Launches Online Data Breach Notification Archive

by Elizabeth Snell

As part of the recently updated Massachusetts Public Records Law, the state’s Office of Consumer Affairs and Business Regulation made its online Data Breach Notification Archive available to the public. Governor Charlie Baker signed the...

US-CERT Updates Cybersecurity Incident Notification Guidelines

by Elizabeth Snell

The U.S. Computer Emergency Readiness Team (US-CERT) announced its new cybersecurity incident notification guidelines, which will go into effect on April 1, 2017. The guidelines will affect all Federal departments and agencies, as well as state,...

Encryption Aspect Amended in CA Data Breach Notification Law

by Elizabeth Snell

Starting in 2017, data breach notification will be required for instances when encrypted personal information of California residents has been breached and certain conditions are met, according to a recently amended state law. Previously, California’s...

FTC Releases Data Breach Response Guidance for Businesses

by Elizabeth Snell

The Federal Trade Commission (FTC) outlines the steps that businesses should take if they suspect that they have fallen victim to a data breach in a recently released data breach response guide and accompanying video. Along with securing physical...

IL Data Breach Notification Law to Include Healthcare Data

by Jacqueline Belliveau

Last month, Illinois Governor Bruce Rauner signed several amendments to a data breach notification law that would impact healthcare data security regulations starting in 2017. Under the revised Personal Information Privacy Act, protected personal...

Are State Health Data Breach Notification Laws Needed?

by Elizabeth Snell

State healthcare data breach notification laws are not always thought of first in covered entities’ approaches to their data security plans, as HIPAA regulations are likely top concerns. However, organizations will also be held to state...

Oregon Data Breach Notification Law Goes Into Effect

by Elizabeth Snell

A new Oregon data breach notification law went into effect on January 1, and requires businesses and government agencies to notify the state attorney general of a data breach affecting more than 250 state residents. The Oregon Consumer Identity...

California Adopts Statewide Data Breach Notification Laws

by Sara Heath

In the wake of several recent large-scale data breaches, such as the UCLA Health System, California Governor Jerry Brown recently signed a law that would provide statewide regulations for data breach notification. The law, which comes as a three-bill...

Why Prompt Health Data Breach Notification is Essential

by Elizabeth Snell

Proper health data breach notification is a critical aspect of HIPAA that healthcare organizations must adhere to. Along with federal laws, there are often state and local data breach notification requirements that must also be followed. Without...

Illinois Governor Vetoes Data Breach Notification Bill

by Elizabeth Snell

Illinois Governor Bruce Rauner issued an amendatory veto on a data breach notification bill that would have extended the type of information to be protected to include medical, health insurance, biometric, consumer marketing, and geolocation...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks