Healthcare Information Security

Healthcare Data Encryption

eHealth Initiative Survey: HIEs Lacking In Interoperability

by Elizabeth Snell

Cost and technical challenges remain central barriers to interoperability for health information exchanges (HIEs), according to the recent eHealth Initiative survey. The research also showed that regulatory policies have seemingly encouraged...

UC Davis Health Email Breach Exposes 1,326 Patients’ Data

by Patrick Ouellette

UC Davis Health System announced that it discovered a provider’s email had been compromised by an unknown source on September 26, breaching 1,326 patients’ data. According to the release on the UC Davis Health website, the event...

Touchstone Medical Imaging Posts Data Breach Notification

by Patrick Ouellette

Touchstone Medical Imaging, LLC has sent out notices to some patients treated prior to August of 2012 that it learned on May 9, 2014 that a shared folder holding sensitive data was exposed on the internet. The imaging specialist organization...

Report: Healthcare industry must focus on endpoint security

by Patrick Ouellette

It’s no secret that data encryption continues to be an IT security sore spot in the healthcare industry, but some recent Forrester Report findings reaffirm that endpoint security is a critical issue. According to the Wall Street Journal,...

Jersey City Medical Center reports Medicaid patient breach

by Patrick Ouellette

Jersey City Medical Center recently publicized a Medicaid patient data breach that resulted from United Parcel Service (UPS) failing to deliver an unencrypted CD with patient data on it. The CD, which held an unknown number Medicaid patients’...

Women and Infants Hospital of R.I. reaches breach agreement

by Patrick Ouellette

Women & Infants Hospital (WIH) of Rhode Island first reported a data breach involving unencrypted backup tapes containing ultrasound images from two of its ambulatory sites that went missing back in spring of 2012. WIH will settle a data...

Colorado Neurodiagnostics notifies patients of data breach

by Patrick Ouellette

Colorado Neurodiagnostics of Littleton, Colo. is alerting an unknown number of patients that their protected health information (PHI) had been compromised when a laptop with the data was stolen from its office. According to the Denver Post, the...

Data breach may affect all 62,000 UPMC employees

by Patrick Ouellette

Another healthcare data breach involving employees continues to grow, as the range of employees affected by the University of Pittsburgh Medical Center (UPMC) breach has grown from a reported 27,000 to potentially all 62,000 employees, according...

Elliot Hospital notifies more than 1,200 patients of breach

by Patrick Ouellette

After an Elliot Hospital employee’s car was broken into and four computer workstations were stolen from the vehicle on March 27, the hospital alerted more than 1,200 patients that their data had been exposed. Though, according to unionleader.com,...

Medical center not liable for breach; Humana reports breach

by Patrick Ouellette

Unencrypted devices continue to plague healthcare organizations, as healthcare insurance provider Humana is in the process of notifying 2,962 patients that an unencrypted USB drive and encrypted laptop with patient data stored on them were stolen...

UC Irvine alerts patients of keylogging malware incident

by Patrick Ouellette

University of California Irvine (UCI) announced last week that 1,813 students and some non-students were impacted by a data breach involving keylogging software malware. The UCI IT Security office learned that the breach had affected three UCI...

Boulder Community Health reviews paper PHI record exposure

by Patrick Ouellette

After a reported HIPAA violation, Boulder Community Health (BCH) of Colorado is in the process of investigating its third patient data breach since 2008, according to The Daily Camera. The context of the breach is a bit bizarre in that, unknown...

Employees file class suit against UPMC following data breach

by Patrick Ouellette

Employees affected by the University of Pittsburgh Medical Center (UPMC) data breach have filed a class action lawsuit against UPMC and its payroll vendor, Ultimate Software Group. The suit says that UPMC and the vendor breached its duty to protect...

HHS deals out largest-ever $4.8M HIPAA violation settlement

by Patrick Ouellette

The Department of Health and Human Services (HHS) announced yesterday that it had handed out $4.8 million worth of HIPAA fines to New York and Presbyterian Hospital (NYP) and Columbia University (CU) after they submitted a joint breach report...

OCR dismisses Walgreens ‘Well Experience’ HIPAA complaint

by Patrick Ouellette

The Office for Civil Rights (OCR) has officially completed its investigation into the Walgreens “Well Experience” program and dismissed the complaint filed by the activist group, Change to Win (CtW), after finding CtW’s patient privacy...

Molina Healthcare contractor mail error exposes patient data

by Patrick Ouellette

Molina Healthcare, a multi-state healthcare organization, reported on Friday that a postcard mailing error in March had resulted in 5,261 former members’ Social Security numbers being inadvertently exposed. According to the Albuquerque...

UMass Memorial Medical sends out patient data breach notices

by Patrick Ouellette

After taking nearly two months to flesh out a patient data breach involving inappropriate internal access, UMass Memorial Medical Center (UMMMC) of Worcester, Mass. announced this week that it had alerted more than 2,400 affected patients of...

Cloud HIPAA BAA considerations for healthcare providers

by Patrick Ouellette

Most healthcare cloud security discussions these days usually involve a cloud provider’s willingness (or perhaps lack thereof) to sign a HIPAA business associate agreement (BAA). What was once considered an agreement that vendors didn’t...

Centura Health alerts 1,000 patients of phishing attack

by Patrick Ouellette

A data breach involving Mercy Regional Medical Center of Durango, Colo. exemplifies the stark reality that phishing attacks have become more complex and difficult for even the most shrewd of users to pick out. Mercy employees, according to the...

Boston Medical Center transcription service exposes PHI

by Patrick Ouellette

Once it learned that 15,000 patients’ data had been exposed on its transcription service vendor’s website, Boston Medical Center (BMC) fired MDF Transcription Services and has sent breach notification letters to patients. The website...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks