Healthcare Information Security

HIPAA Compliance

Top Reminders for Implementing a HIPAA Contingency Plan

by Elizabeth Snell

Healthcare organizations must ensure they have a current HIPAA contingency plan in place to prepare for all types of adverse events, including natural disasters and cybersecurity attacks, according to the latest OCR Cybersecurity Newsletter....

Data Security Key Consideration for Healthcare Blockchain Success

by Elizabeth Snell

Healthcare data security, data storage, data availability, and confidentiality are some of the most important characteristics in the application of healthcare blockchain, according to the latest edition of Blockchain in Healthcare...

AHIMA Continues Push for Balance in Patient Data Access, Security

by Elizabeth Snell

Healthcare professionals should have access to their patients’ entire medical history, but patient data access and data security measures must also be considered, AHIMA members said in meetings with Congress today. Access to substance abuse...

EmblemHealth Data Breach Leads to $575K NY State Settlement

by Elizabeth Snell

New York Attorney General Eric Schneiderman announced that a $575,000 settlement had been reached in the EmblemHealth data breach case, following a mailing error incident that exposed 81,122 Social Security numbers. The health plan discovered...

HIMSS18 Focusing on Holistic Healthcare Cybersecurity

by Elizabeth Snell

Healthcare IT privacy and security professionals will soon be flocking to Las Vegas for the 2018 HIMSS Annual Conference and Exhibition (HIMSS18). Starting on March 5, healthcare stakeholders will work their way around the Venetian Palazzo Sands...

Physical Safeguard Need Underlined in Recent VA Privacy Protocols

by Elizabeth Snell

A recent data breach involving old records from hospital patients, employees, and job applicants has led a VA medical center to launch new data privacy protocols. The John J. Pershing VA Medical Center said that it will be improving its...

Stakeholders Desire Clarification on Secure Data Exchange in TEFCA

by Elizabeth Snell

ONC must further clarify secure data exchange aspects in its Trusted Exchange Framework and Common Agreement (TEFCA) draft, and also explain how HIPAA regulations will apply, according to industry stakeholders. One of the TEFCA principles discusses...

Common Rule Interim Version Released, Exempts HIPAA Research

by Elizabeth Snell

More secondary research of EHR data will be enabled through the recently announced interim version of the Federal Policy for the Protection of Human Subjects, or the Common Rule. Certain low-risk studies, such as observational studies meant to...

How Does HIPAA Compliance Apply in the Healthcare Cloud?

by Bill Kleyman

Only a handful of years ago, security and healthcare professionals deemed hosting healthcare data in the cloud to be untenable. However, the evolution of the healthcare industry as well as cloud solutions has really changed the perspective for...

Timothy Noonan Named OCR Acting Deputy Director

by Elizabeth Snell

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently named Timothy Noonan as the new OCR acting deputy director for health information privacy (HIP). Noonan has been in the position since January 29, 2018,...

45% of Orgs Claim Employees Biggest Cloud Security Risk

by Elizabeth Snell

Healthcare cloud security is increasingly critical for organizations as they continue to implement more options for data storage and backup. Employees must also be properly trained on the latest cybersecurity trends to properly mitigate potential...

Retirement Community Reports Potential PHI Data Breach for 5.2K

by Elizabeth Snell

Maryland-based Westminster Ingleside King Farm Presbyterian Retirement Communities, Inc. (Ingleside) experienced a possible PHI data breach when it was targeted by a malware attack, according to an online statement. Ingleside discovered the malware...

New York Reaches $1.15M Settlement over Aetna Data Breach

by Elizabeth Snell

New York Attorney General Eric Schneiderman announced that a $1.15 million settlement has been reached following the Aetna data breach that occurred in 2017. Aetna sent letters to patients in the mail back in July 2017. Information about ordering...

KS Healthcare Organization Fined over Unsecured Patient Data

by Elizabeth Snell

Topeka, Kansas-based Pearlie Mae’s Compassion and Care LLC recently agreed to pay an $8,750 civil penalty after allegations that it had unsecured patient data in one of its office locations. Defendants Ann Marie Kaiser and Jenell Jones...

Why Providers Need a Disaster Recovery Plan for EHR Security

by Elizabeth Snell

Whether healthcare providers are working to prepare for potential natural disasters like hurricanes or manmade cybersecurity issues (i.e., ransomware attacks, insider data breaches) having a disaster recovery plan is essential. Entities of all...

What Precedent Will Be Set in CareFirst Data Breach Case?

by Elizabeth Snell

The flood gates could potentially be opened for “no-injury class actions arising from virtually every data breach” if the US Supreme Court does not reaffirm the Washington DC circuit court’s decision with the CareFirst data...

How Compliance, Data Security Needs Shift with Big Data Push

by Elizabeth Snell

Numerous companies are working to evolve their database ecosystems through cloud and big data initiatives, and are subsequently facing an increasing number of compliance and data security needs. Recent research found though that not many organizations...

Amazon HIPAA Compliance Lead Search Indicates Healthcare Focus

by Elizabeth Snell

An Amazon job posting for a HIPAA Compliance Lead potentially indicates that the technology company is looking to expand into the healthcare space. The individual hired for the healthcare privacy and security position will help Amazon in a “new...

CT Supreme Court Rules Patients Can Sue Over PHI Disclosure

by Elizabeth Snell

There is a duty of confidentiality between a physician and patient, and patients have the right to sue should unauthorized PHI disclosure take place, according to the Connecticut Supreme Court. In Byrne v. Avery Center for Obstetrics & Gynecology,...

Potential WV Health Data Breach from Laptop Theft Affects 43K

by Elizabeth Snell

West Virginia-based Coplin Health Systems recently reported a possible health data breach after it discovered that a laptop potentially containing personal health information was stolen. The device was stolen from an employee’s automobile...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks