Healthcare Information Security

HIPAA Administrative Safeguards

Iowa DHS reports data breach affects 2,042 clients

by Nicole Freeman

The Iowa Department of Human Services (DHS) has reported a data breach that compromised 2,042 individuals’ protected health information (PHI). The breach stemmed from DHS employees acting inappropriately while performing social work assessments...

HIPAA audit preparation and compliance: BA effects on CEs

by Nicole Freeman

While the timetable for 2014 HIPAA audits has not been released, the Office for Civil Rights (OCR) has begun surveying covered entities and business associates (BAs) to gauge organizational preparedness for the upcoming OCR HIPAA Audit Program....

Los Angeles County DHS reveals 168,000 patient data breach

by Patrick Ouellette

The Los Angeles County Department of Health Services (DHS) recently announced that it has begun notifying 168,000 patients of a data breach at Sutherland Healthcare Solutions, which handles DHS’s billing and collections. Sutherland has...

HHS fines Skagit, Wash. $215K in first county HIPAA settlement

by Patrick Ouellette

As part of the first the first HIPAA violation settlement with a county government, the Department of Health and Human Services (HHS) announced today that Skagit County of Northwest Washington, agreed to a $215,000 monetary settlement and to...

Healthcare provider advice in gearing up for 2014 HIPAA audits

by Patrick Ouellette

With the Office for Civil Rights (OCR) in the midst of organizing its 2014 HIPAA auditing program, now is a good time for healthcare providers to begin assessing their state of compliance and determine their readiness for these potential audits....

Patient information breached after office computer theft

by Nicole Freeman

An office break-in may have comprised the protected health information (PHI) of patients at Dr. J.M. Benson’s Sherman, Texas practice, according to a report from the Herald Democrat. The incident was reported on January 5, 2014. During the...

Palo Verde Healthcare reports internal data breach

by Patrick Ouellette

The Palo Verde Healthcare District (PVHD) recently alerted an unknown number of patients with letters that a HIPAA violation had occurred involving their protected health information (PHI). Four former PVHD administrator employees a civil lawsuit...

Faxing error causes United Healthcare breach

by Nicole Freeman

A Portland, Oregon man has been receiving erroneous faxes containing protected health information (PHI) from Community Memorial Hospital patients through an apparent error with United Healthcare, an insurance company, according to a report from...

Triple-S receives $6.8M fine for HIPAA violation

by Nicole Freeman

Triple-S Salud, a Puerto Rican managed care company, has been fined $6.8 million by the Medical Insurance Administration (ASES in Spanish) after a HIPAA violation, according to a report from Caribbean Business. The breach occurred last year....

HealthShare Montana to use Coalfire’s HIPAAcentral

by Nicole Freeman

HealthShare Montana, a non-profit state health information exchange (HIE), will be offering HIPAA compliance services to its participants throughout the state with Coalfire’s HIPAAcentral. Coalfire provides risk assessment and compliance management...

VA risk management team expects data breach in year ahead

by Nicole Freeman

A memo from the Department of Veterans Affairs (VA) has noted that the organization’s security standards are so lacking that a data breach is “practically unavoidable,” according to reports from CNBC and Military.com. The comment was made...

Healthcare network access data found on file-sharing website

by Nicole Freeman

Documents containing information on how to access healthcare provider networks were found on the file-sharing website 4shared.com, known as source of information for hackers, according to a report from The Wall Street Journal. The files included...

OCR readies pre-audit survey for HIPAA covered entities, BAs

by Patrick Ouellette

The Office for Civil Rights (OCR) began to set the table for its 2014 auditing program when it published an information collection request for HIPAA covered entities and business associates (BAs) in the Federal Register yesterday. While the exact...

HIMSS14 privacy and security educational sessions preview

by Nicole Freeman

As the government continues to enforce regulations to protect patient data, healthcare organizations are consistently reminded of their need to comply with HIPAA, as are their business associates (BAs). Compliance for all covered entities and...

2013 HIMSS Security Survey highlights internal risks

by Patrick Ouellette

From security staffing and budgets to security breaches and medical identity theft, the 2013 HIMSS Security Survey encompassed a broad range of healthcare IT security topics. The survey tracked feedback from of 283 information technology (IT)...

St. Vincent Hospital notifies 1,100 patients of laptop theft

by Nicole Freeman

Over 1,100 patients of St. Vincent Hospital in Indianapolis are being notified of a potential data breach after laptop being used with an EEG machine was reported missing, according to a report from WISHTV.com. The laptop, which was password-protected,...

HIMSS14 session preview: C-suite & security risk management

by Nicole Freeman

In small practices, doctors and their staff members can make security and risk management decisions and implement changes with little hassle. Organizations on a larger scale, however, are often subject to decisions made by executives and boards...

HIMSS14 session preview: HIPAA security controls & analytics

by Nicole Freeman

While healthcare organizations are often warned of data breaches and the need for security measures, there may be concern as to what kinds of protection are needed. How much security is enough? What does each unique provider need to do to protect...

HIMSS14 session preview: Encrypting data at rest

by Nicole Freeman

Healthcare providers often hear about the benefits of encrypting protect health information (PHI), and the data breaches that become more serious when information is unencrypted. Encrypting data at rest is required of HIPAA-covered entities per...

OCR complaint filed against St. Rose Dominican Hospitals

by Patrick Ouellette

Because it allegedly compromised patient records as part of gaining leverage in a contract dispute, Dignity Health, which owns St. Rose Dominican Hospitals, is in the process of dealing with a complaint filed with the Office for Civil Rights...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks