Healthcare Information Security

HIPAA Technical Safeguards

St. Joseph data breach affects 405,000

by Nicole Freeman

St. Joseph Health System (SJHS) in Texas reported a data breach that occurred between December 16 and 18, according to reports from KWTX.com and Theeagle.com. The breach has affected more than 405,000 patients, employees, and employee beneficiaries....

Health data breach report: 137 percent breached record uptick

by Patrick Ouellette

According to Redspin’s 2013 Breach Report, 804 large breaches of protected health information (PHI) have affected more than 29.2 million patient records and were reported to the Secretary of Health and Human Services (HHS) since the inception...

Study: Data breaches cost healthcare providers $1.6 billion

by Patrick Ouellette

MeriTalk and EMC announced the results today of a study, Rx: ITaaS + Trust, dedicated to getting a better understanding of costs for healthcare providers associated with security breaches, data loss and unplanned outages. The study claims, according...

Unity Health Plans notifies 41,437 of missing hard drive

by Nicole Freeman

Unity Health Plans Insurance Corporation is notifying 41,437 members of a portable heard drive missing from the UW-Madison School of Pharmacy, according to reports from the Wisconsin State Journal and Fox47. The hard drive, reported missing to...

Calif. AG Harris files civil suit v. Kaiser for 2011 breach

by Patrick Ouellette

Attorney General Kamala D. Harris, on behalf of the people of California, is looking to make Kaiser Foundation Health Plan, Inc. pay for exposing patient data two and a half years ago. According to courthousenews.com, Harris’s complaint...

North Country Hospital has second breach in 4 months

by Nicole Freeman

The Centers for Medicare and Medicaid Services (CMS) issued a regulatory citation to North Country Hospital in Newport, Vermont after two unauthorized employees accessed confidential medical records, according to a report from WCAX.com. The incident...

LabMD winds down operations after FTC motion rejection

by Patrick Ouellette

After numerous attempts to assert that Federal Trade Commission’s (FTC) didn’t have the necessary authority to take data security enforcement action against it after a breach, LabMD is throwing in the proverbial white towel and will wind...

House Veterans Committee seeks answers in latest VA breach

by Nicole Freeman

The House Veterans Affairs Committee chairman Rep. Jeff Miller is seeking answers from VA Secretary Eric Shinseki to 18 questions regarding the Veterans Affairs Department’s (VA) latest security incident, according to a report from Federal...

FTC sees no conflict with HHS in HIPAA jurisdiction

by Patrick Ouellette

In the Federal Trade Commission’s (FTC) eyes, its enforcement authority under the FTC Act doesn’t clash with the Department of Health and Human Services (HHS) role in regulating HIPAA. According to bna.com, the FTC voted 4-0 to reject...

Exco In Touch completes HIPAA, NIST audit

by Nicole Freeman

Exco In Touch, a data capture vendor for healthcare providers, announced that it has successfully completed a HIPAA compliance audit using National Institute of Standards and Technology (NIST) guidelines. The NIST guidelines were published in...

Paper records stolen from CaroMont employee car

by Nicole Freeman

Paper records for 191 patients of CaroMont Regional Medical Center were stolen from an employee’s car in Dallas on December 16, according to a report from the Gaston Gazette. The records were part of a census report created by the hospital....

Telemedicine privacy, security considerations for providers

by Nicole Freeman

As innovations in technology become more and more prominent, the face of the healthcare world begins to change. Health information exchanges (HIEs) allow patient information to be shared with ease, and bring your own device (BYOD) policies enable...

Looking at both sides of the BYOD remote wipe policy debate

by Patrick Ouellette

Many healthcare organizations that have BYOD policies and procedures in place to ensure the device and, more importantly, the data on the device are secure. And as part of those policies, organizations will stipulate that can remote wipe the...

Law firm iOS app aggregates federal, state breach statutes

by Patrick Ouellette

While Fox Rothschild LLP’s new Data Breach 411 iOS application shouldn’t be the sole resource healthcare organizations and their business associates (BAs) use when responding to data breaches, the app may be useful for compliance...

Redspin service combines HIPAA and PCI DSS analyses

by Nicole Freeman

Redspin, Inc., an IT security assessments and testing provider, has announced a new service that combines HIPAA Security Risk and PCI DSS 3.0 Gap Analyses. Reports are created through single-process analysis of data collection and policy review,...

Southwest General notifies 480 patients of data breach

by Nicole Freeman

Southwest General Health Center of Ohio is notifying more than 480 patients involved in an obstetrics study of a missing binder containing patient information, according to reports from Fox 8 Cleveland and Cleveland.com. The binder has been missing...

N.C. DHHS secretary apologizes for Medicaid data breach

by Patrick Ouellette

North Carolina Department of Health and Human Services (DHHS) secretary Aldona Wos apologized on Tuesday at a legislative committee meeting in response to last month’s Medicaid card breach that affected 48,752 patients. While apologetic,...

Phoebe Putney Memorial notifies 6,777 patients of breach

by Nicole Freeman

The Phoebe Putney Memorial Hospital (PPMH) in Albany, Georgia is notifying 6,777 patients of a potential data breach after an unencrypted desktop computer was found missing on November 6, according to reports from WALB.com, WTVM.com and The Florida...

HIE privacy, security best practices: A review

by Nicole Freeman

Health information exchanges (HIEs) continue to play an important role in healthcare, allowing the quick, easy exchange of patient information between physicians, providers, hospitals, pharmacies, payers, and other healthcare professionals while...

Notices of stolen S.C. insurance data sent 2 months after theft

by Nicole Freeman

A South Carolina state-mandated health insurance program notified customers of a laptop theft two months after the theft was reported, according to GoUpstate.com. The laptop contained information from 3,432 customers who had used the program...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks