Healthcare Information Security

HIPAA Technical Safeguards

VA Cybersecurity Woes Continue, 16 Consecutive Audit Fails

by Elizabeth Snell

The VA once again failed its annual cybersecurity audit. For the 16th consecutive year, the Department of Veterans Affairs failed its annual cybersecurity audit. The investigation sought to find out if the agency was in compliance with...

Creating Healthcare Security with Special Purpose Networks

by Eric Abbott

With 69 percent of healthcare providers using mobile devices to view patient information, having a high-quality and secure, yet transparent wireless network within a healthcare organization (HCO) is indispensable. And, with the shift to...

Does Healthcare Security Interfere with Clinical Workflow?

by Dustin Lake

Clinical workflows – an established process in a clinician’s daily activity of caring for patients – are increasingly integrating with healthcare information systems, and therefore, healthcare security.  The...

Why Healthcare Providers Should Consider Data Encryption

by Elizabeth Snell

Healthcare Data Encryption is a crucial tool for providers as they implement BYOD policies and work to strengthen their EHR systems. Healthcare data encryption is becoming an increasingly hot topic, especially as more providers implement...

HIPAA Technical Safeguards: A Basic Review

by Elizabeth Snell

It’s critical to review the requirements of HIPAA technical safeguards to ensure that your healthcare organization is compliant and able to keep PHI safe. While no healthcare organization can guarantee that a data breach will never...

Potential Health Data Breach Hits Dermatology Facility

by Elizabeth Snell

Central Dermatology Center is facing a possible health data breach after finding malware was uploaded into one of its computer servers. A North Carolina dermatology center is working through the aftermath of a potential health data breach...

How Health Data Security Benefits from Industry Sharing

by Elizabeth Snell

Health data security is not a new issue in the healthcare sector, but with health information exchanges (HIEs) springing up all over the country, facilities have to be aware of systems other than their own. In order to ensure that patient...

Touchstone Medical Imaging Posts Data Breach Notification

by Patrick Ouellette

Touchstone Medical Imaging, LLC has sent out notices to some patients treated prior to August of 2012 that it learned on May 9, 2014 that a shared folder holding sensitive data was exposed on the internet. The imaging specialist...

Cedars-Sinai Data Breach Update: 33,000 Patients Affected

by Patrick Ouellette

The Cedars-Sinai Medical Center in Los Angeles announced an unencrypted laptop theft that compromised at least more than 500 patients’ data in August, but actual number of affected patients was unknown. The Los Angeles Times recently...

Report: rollout lacked CMS accountability

by Patrick Ouellette

More details surrounding the Centers for Medicare and Medicaid Services (CMS) hurried launch last fall are emerging. The most recent, Rep. Darrell Issa’s (R-Calif.) “Behind the Curtain of the

GAO: CMS must boost privacy and security controls

by Patrick Ouellette

According to the U.S. Government Accountability Office (GAO), the Centers for Medicare and Medicaid Services (CMS) has made strides in addressing privacy and security controls, there is still work to be done to mitigate...

Aventura Hospital reports 82,601-patient data breach

by Patrick Ouellette

Aventura Hospital and Medical Center recently announced its third data breach in two years, according to The most recent breach exposed 82,601 patients’ data from Sept. 13, 2012 to June 9, 2014 and result from a...

Temple physicians office alerts 3,780 patients of data breach

by Patrick Ouellette

A Temple University physicians’ office recently notified 3,780 patients that their data was exposed after a laptop was stolen from its surgery department in July. reports the Temple University physicians’ office...

Central Utah Clinic notifies patients of 2012 data breach

by Patrick Ouellette

Central Utah Clinic published a data breach notification letter to alert 31,677 patients that their information had been compromised on August 7, according to a post on Central Utah Clinic, a Utah multi-specialty practice...

HealthCare.Gov hacking incident: Industry commentary

by Patrick Ouellette

The Department of Homeland Security’s U.S. Computer Emergency Readiness Team and FBI are now investigating the recent hack into the HealthCare.Gov test server. For a server that wasn’t supposed to be connected to the internet,...

Hackers upload malware onto HealthCare.Gov test server

by Patrick Ouellette

Perhaps the Centers for Medicare and Medicaid Services (CMS) had good reason for withholding HealthCare.Gov security control information from the Associated Press. According to a Wall Street Journal report, hackers were able to gain...

Should CMS release Healthcare.Gov security information?

by Patrick Ouellette

The Centers for Medicare and Medicaid Services (CMS) made news recently when it denied an Associated Press (AP) request for information about HealthCare.Gov security. Though it could have provided some generic details with respect to the...

Duke Health System notifies patients of data breach

by Patrick Ouellette

Duke University Health System recently announced that it experienced a patient data breach on July 1 when an unauthorized person stole an unencrypted thumb drive from an administrative building. According to the patient notice on the Duke...

Health data encryption questions to ask your vendors

by Patrick Ouellette

The umbrella vendor statement “we encrypt all of our data” isn’t enough to satisfy HIPAA regulations, nor is it sufficient for a healthcare organization to trust in those words as it’s building a strong security...

Health data encryption: Software architecture best practices

by Patrick Ouellette

Data encryption in healthcare isn’t necessarily a cure-all, as top-flight hackers can crack encryption keys with relative ease. But there is obvious value in ensuring that protected health information (PHI) is encrypted, both locally...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...