Healthcare Information Security

HIPAA Administrative Safeguards

Sutter Health Data Breach Affects 2,500 Patients

by Elizabeth Snell

A former employee reportedly emailed patient information without authorization, leading to a Sutter Health data breach. Sutter Health explained in a statement on its website that 2,582 patients are potentially affected, and that with the exception...

HHS: Administrative Safeguards Keep Yammer Use Secure

by Elizabeth Snell

The Department of Health and Human Services (HHS) reportedly will continue to use a social application that the Department of Veteran Affairs (VA) Office of Inspector General (OIG) found to have potential security vulnerabilities. With the right...

Health Data Breaches Stem From Hacking, Employee Theft

by Elizabeth Snell

Health data breaches can be caused by various incidents, which is why covered entities and their business associates must have comprehensive safeguards in place. Two separate incidents at medical centers highlight the importance of this fact,...

Employee Negligence Top Health Data Breach Issue, Report Says

by Elizabeth Snell

A large portion of health data breach incidents are tied to insider activity, employee negligence, and physical theft of devices, according to a recent SurfWatch report. The 2015 Mid-Year Cyber Risk Report found that personal information is increasingly...

Health Data Breaches From Theft, Improper Disposal

by Elizabeth Snell

As often discussed on this site, health data breaches can stem from numerous areas. Covered entities and their business associates need to ensure they have a comprehensive data security plan, and are able to implement the necessary physical,...

A Review of Common HIPAA Administrative Safeguards

by Elizabeth Snell

HIPAA administrative safeguards are a critical piece to the larger health data security puzzle that all covered entities must put together. The three types of safeguards are not only a federal requirement, but they all play an important role...

Mayo Clinic Says 601 Patient Records Inappropriately Accessed

by Elizabeth Snell

The Mayo Clinic Health System in Red Wing, Minnesota reported that 601 patient records were inappropriately accessed by an employee. Mayo Clinic Public Affairs Manager Asia Zmuda confirmed in an email to HealthITSecurity.com that “an employee...

UPMC Reports Second Health Data Breach in Two Months

by Elizabeth Snell

The University of Pittsburgh Medical Center (UPMC) Health Plan recently reported a health data breach affecting 722 patients. This is the second health data breach reported at a UPMC facility in just under two months. A data file with certain...

Orlando Health Data Breach Affects 3,200

by Elizabeth Snell

An employee’s unauthorized access of 3,200 patient medical records has caused a potential health data breach at Orlando Health. During a routine patient record access audit on May 27, 2015, Orlando Health discovered that a certified nursing...

Why HIPAA Technical Safeguards Alone Are Not Enough

by Elizabeth Snell

HIPAA technical safeguards are an important part of any covered entity or business associate’s data security plan. However, that security measure by itself is not enough to ensure that a health data breach will never occur, according to...

Improper Disposals Lead to Potential Health Data Breaches

by Elizabeth Snell

Preventing potential health data breaches requires healthcare organizations to have the necessary physical, technical and administrative safeguards in place. If one area is lacking, or is simply overlooked, it does not matter how strong the other...

Did Failed Administrative Safeguards Cause Two Data Breaches?

by Elizabeth Snell

This site constantly underlines the importance of healthcare organizations keeping all of their safeguards up to date, as anything from failed administrative safeguards to failed physical safeguards can create privacy and security issues. Without...

HIPAA Violation Leads to Probation for Radiologist

by Elizabeth Snell

An Ohio radiologist is facing disciplinary actions from the state medical board after she reportedly committed a HIPAA violation. Dr. Aimee Hawley unlawfully accessed a colleague’s medical record, according to a DOTmed News article, and...

Medical Management Data Breach Impacting Multiple States

by Elizabeth Snell

Last week, we reported on a healthcare data breach where a third party facility, Medical Management LLC, connected with the University of Pittsburgh Medical Center (UPMC) reported that approximately 2,200 UPMC patients may have had their records...

Possible Health Data Breaches From Theft, Unauthorized Access

by Elizabeth Snell

Even when covered entities implement sophisticated cybersecurity measures, health data breaches can still happen. It is important to not overlook seemingly simple security measures, such as installing proper locks on doors or even having an alarm...

Human Error Top Data Security Issue, Says Law Firm Report

by Elizabeth Snell

It seems as if every week there is a new top data security issue for healthcare organizations to remain vigilant on. If nothing else, it further underlines why a well-rounded approach to data security is essential, and covered entities must ensure...

Phishing Scams: HIPAA Technical or Administrative Safeguard?

by Elizabeth Snell

Phishing scams are not a new threat to the healthcare industry, but as other data security threats have evolved over time, so have phishing approaches. Early on, individuals might have gotten emails from someone claiming to be a prince from a...

Two Cases of Improper Disposal Cause Health Data Breaches

by Elizabeth Snell

Health data breaches can be caused by numerous situations, and with the increase of electronic medical records and online issues, the proper care of paper documents can occasionally be overlooked. Regardless of how covered entities store and...

BCBS Mich. Employee Stole Patients’ Personal Information

by Elizabeth Snell

A former Blue Cross Blue Shield Michigan (BCBSM) employee helped steal patients’ personal information, according to a Detroit Free Press article. In total, the information of 5,514 Blue Care Network and BCBSM members was compromised, which...

St. Louis Reports HIPAA Violation by County Employee

by Elizabeth Snell

The Saint Louis County Department of Health is investigating a potential HIPAA violation where the personal information of inmates at a county jail was sent to a personal email address. A health department employee emailed a document that had...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks