Healthcare Information Security

HIPAA Technical Safeguards

Boston Medical Center transcription service exposes PHI

by Patrick Ouellette

Once it learned that 15,000 patients’ data had been exposed on its transcription service vendor’s website, Boston Medical Center (BMC) fired MDF Transcription Services and has sent breach notification letters to patients. The website...

Health data breach roundup: Tufts Health Plan, Iowa DHS

by Patrick Ouellette

Data breaches of all different shapes, sizes and victims are being reported on an almost daily basis, so it can be difficult to stay up to date on the latest breach incidents. HealthITSecurity.com has compiled a list of the latest breaches down...

Coordinated Health data breach may impact 700 patients

by Patrick Ouellette

Coordinated Health reported this week that a data breach involving a stolen laptop belonging to an employee may have affected up to 700 patients. According to poconorecord.com, an employee in Bethlehem had left the laptop in their car and the...

Managing healthcare network security and BYOD needs

by Patrick Ouellette

Though there’s never a true winner in the “ease of use” v. security debate, coming to a happy medium between the two can present challenges for healthcare organizations. This is especially the case when dealing with the impact...

Reviewing Concentra Health and QCA HIPAA breach CAPs

by Patrick Ouellette

We learned yesterday that two HIPAA covered entities, Concentra Health Services and QCA Health Plan, had come to individual monetary agreements with the Office for Civil Rights (OCR) to settle HIPAA violations. Those resolutions included corrective...

Concentra, QCA Health Plan agree to HIPAA breach settlements

by Patrick Ouellette

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) sent out a release today detailing two entities’ settlements for HIPAA Privacy and Security Rule violations involving unencrypted laptop thefts. According to...

Kentucky passes state data breach notification law

by Patrick Ouellette

Following Kentucky Auditor of Public Accounts (APA) Adam H. Edelen explaining in detail back in January why Kentucky needed a breach notification law, the state recently became the 47th to ratify data breach notification legislation. On April...

UPMC alerts employees of data breach, fraud activity

by Patrick Ouellette

The University of Pittsburgh Medical Center (UPMC) reported that as many as 27,000 employees’ may have been affected by a data breach it learned of in February. It appeared as though the compromised information was accessed with access...

LewisGale Regional Health System experiences data breach

by Patrick Ouellette

LewisGale Regional Health System of Salem, Va. recently reported a multi-state data breach that affected 400 patients, 40 of which were under LewisGale’s care. The breach, wdbj7.com reported, occurred in LewisGale’s billing department...

Mobile health IT security: Bolstering technology with policy

by Patrick Ouellette

One way or another, mobile devices are finding their way into healthcare organizations’ four walls and onto their networks. Each organization’s mobile needs vary based on size and available resources and many have come a long way...

University Urology of Tenn. releases data breach statement

by Patrick Ouellette

University Urology, P.C. of Knoxville, Tenn. released a statement on April 11 that detailed how 1,144 patients’ data had been exposed in 2013 and early 2014. Though the information was limited to patient names and addresses, University...

Texas nonprofit advocacy group tells 2,934 of PHI breach

by Patrick Ouellette

An Austin, Texas nonprofit advocacy group for children with developmental disabilities, EveryChild, Inc., recently announced that it has informed 2,934 families of a potential data breach, according to mysanantonio.com. The group learned of the...

La Palma Intercommunity Hospital announces 2012 data breach

by Patrick Ouellette

Following a year and a half delay, La Palma Intercommunity Hospital recently announced that it has alerted an unknown number of patients of a September 2012 internal data breach that may have compromised their data. However, according to the...

Mich. Health Dept. reveals 2,595-patient data breach

by Patrick Ouellette

The Michigan Department of Community Health (MDCH) announced on April 3 that it had experienced a patient data breach on January 30 or 31 when an encrypted laptop and unencrypted flash drive were stolen from a State Long Term Care Ombudsman’s...

Los Angeles County DHS adds 170,200 patients to breach list

by Patrick Ouellette

About a month after Los Angeles County Department of Health Services (DHS) reported a 168,000-patient data breach at its billing company, Sutherland Healthcare Solutions, it has added 170,200 patients to the breach list. According to the Los...

Kaiser Permanente reports 2011 research server malware attack

by Patrick Ouellette

The Kaiser Permanente Northern California Division of Research will begin notifying an unknown number of patients today of a potential data breach that (1) happened in October 2011 and (2) it learned of on Feb. 12, 2014. According to a sample...

Phishing attack exposes Franciscan Health System patient data

by Patrick Ouellette

Despite the growing number of threats that healthcare security professionals must stay current with, many are making concerted efforts to devote time and resources to preventing human error breaches, including phishing attacks. It appears as...

Palomar Health notifies 5,000 patients of health data breach

by Patrick Ouellette

Following a burglary of a laptop and two flash drives back in late February, Palomar Health of California announced that about 5,000 patients’ data was exposed in the breach. According to U-T San Diego, the devices had been stolen from...

Report: Walgreens ‘Well Experience’ exposed patient data

by Patrick Ouellette

Even when an organization such as Walgreens that handles protected health information (PHI) tries to improve the consumer experience, it must tread lightly in doing so. Within the past year or so, Walgreens has released its “Well Experience”...

HHS: Monroeville, Pa. did not breach HIPAA regulations

by Patrick Ouellette

As much as healthcare organizations, as well as the public HIPAA covered entities that handle patient data in some form, keep track of data breaches and government penalties for compliance failures, an organization being absolved of HIPAA breach...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks