Healthcare Information Security

HIPAA Technical Safeguards

NRAD Medical Associates notifies 97,000 patients of breach

by Patrick Ouellette

NRAD Medical Associates of Garden City, New York has informed 97,000 patients that an internal employee inappropriately accessed protected health information (PHI) and patient billing data back in April 2014. According to newyork.cbslocal.com,...

Montana DPHHS HIPAA breach affects 1.3 million patients

by Patrick Ouellette

The Montana Department of Public Health and Human Services (DPHHS) has reported more details on one of the largest HIPAA breaches in terms of number of affected patients, as up to 1.3 million records were compromised. The server hack was...

St. Joseph Health sends patient breach notification letters

by Patrick Ouellette

Among the items that can be lost in the mix when one healthcare organization takes over another is security and compliance. St. Joseph Health recently took over the former Redwood Regional Medical Group’s imaging center and has taken responsibility...

Apple HealthKit privacy questions for providers, developers

by Patrick Ouellette

As referenced by Rocky Mountain Human Services (RMHS) IT Director Frank Baer, there is no turning back from the confluence of mHealth applications and healthcare privacy concerns. Instead, organizations must go head-first into mobile security....

Penn State Hershey Medical Center alerts 1,801 patients of breach

by Patrick Ouellette

Penn State Milton S. Hershey Medical Center began alerting 1,801 patients last week that an employee had accessed clinical data without having proper IT security protections in place. According to the Penn State statement, the employee, a clinical...

Healthcare data breach trends: Areas of needed improvement

by Patrick Ouellette

Recent news that a Montana Department of Public Health and Human Services server had been hacked into served as a reminder that there are a number of different ways in which HIPAA covered entities can endure data breaches. With that in mind,...

Server hack leads to Montana Health Department investigation

by Patrick Ouellette

Just less than a year after a Montana Department of Public Health and Human Services server was hacked into, the department is alerting both public program clients and employees that their data was inappropriately accessed. After seeing some...

Ensuring HIPAA compliance among inpatient, outpatient docs

by Kyle Murphy, PhD

The continuum of care continues to expand and is forcing integrated delivery networks and health systems to reconsider their health data privacy and security practices after addressing the features unique to inpatient and outpatient clinical...

Data breach may affect all 62,000 UPMC employees

by Patrick Ouellette

Another healthcare data breach involving employees continues to grow, as the range of employees affected by the University of Pittsburgh Medical Center (UPMC) breach has grown from a reported 27,000 to potentially all 62,000 employees, according...

ProMedica Bay Park Hospital announces data breach

by Patrick Ouellette

ProMedica Bay Park Hospital of Oregon, OH is in the process of alerting more than 500 patients that their protected health information (PHI) had been breached after an internal employee inappropriately gained access to the information. According...

L.A. County boosts encryption policies after data breach

by Patrick Ouellette

Most often out of necessity, a healthcare organization that has just endured a data breach will comprehensively review its privacy and security procedures. The most recent example of these ramped-up efforts is the ongoing Los Angeles County Department...

HIPAA Security Rule requirements: Technical safeguard review

by Patrick Ouellette

Implementing the right blend of technology and policy is easier said than done for a healthcare organization, as there are myriad complications to each side of the security equation. But having a strong understanding of what the Department of...

UC Irvine alerts patients of keylogging malware incident

by Patrick Ouellette

University of California Irvine (UCI) announced last week that 1,813 students and some non-students were impacted by a data breach involving keylogging software malware. The UCI IT Security office learned that the breach had affected three UCI...

Secure healthcare communication in a mobile environment

by Andy Nieto

Mobile technology has undoubtedly advanced, as today’s smartphone possesses more computing power than NASA did when we first put man on the moon. Power without purpose, however, is chaos and privacy and security are not ancillary considerations...

Employees file class suit against UPMC following data breach

by Patrick Ouellette

Employees affected by the University of Pittsburgh Medical Center (UPMC) data breach have filed a class action lawsuit against UPMC and its payroll vendor, Ultimate Software Group. The suit says that UPMC and the vendor breached its duty to protect...

HHS deals out largest-ever $4.8M HIPAA violation settlement

by Patrick Ouellette

The Department of Health and Human Services (HHS) announced yesterday that it had handed out $4.8 million worth of HIPAA fines to New York and Presbyterian Hospital (NYP) and Columbia University (CU) after they submitted a joint breach report...

OCR dismisses Walgreens ‘Well Experience’ HIPAA complaint

by Patrick Ouellette

The Office for Civil Rights (OCR) has officially completed its investigation into the Walgreens “Well Experience” program and dismissed the complaint filed by the activist group, Change to Win (CtW), after finding CtW’s patient privacy...

Molina Healthcare contractor mail error exposes patient data

by Patrick Ouellette

Molina Healthcare, a multi-state healthcare organization, reported on Friday that a postcard mailing error in March had resulted in 5,261 former members’ Social Security numbers being inadvertently exposed. According to the Albuquerque...

UMass Memorial Medical sends out patient data breach notices

by Patrick Ouellette

After taking nearly two months to flesh out a patient data breach involving inappropriate internal access, UMass Memorial Medical Center (UMMMC) of Worcester, Mass. announced this week that it had alerted more than 2,400 affected patients of...

Centura Health alerts 1,000 patients of phishing attack

by Patrick Ouellette

A data breach involving Mercy Regional Medical Center of Durango, Colo. exemplifies the stark reality that phishing attacks have become more complex and difficult for even the most shrewd of users to pick out. Mercy employees, according to the...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks