Healthcare Information Security

Patient Data Security

Steward Must Satisfy Jury Doc Got Sacked for HIPAA Violation

May 17, 2018 - A Massachusetts federal judge ruled May 16 that Boston-based Steward Healthcare System must convince a jury that it fired a psychiatrist for an alleged HIPAA violation, not in retaliation for his taking disability leave after contracting pneumonia, reported Law360.  Dr. Alexander Lipin claims that Steward fired him because he asked to take an extended disability leave under the Family...


More Articles

Navy, USAF Could Face HIPAA Violation Fines for Lax EHR Security

by Fred Donovan

The US Navy and US Air Force have poor security practices for their electronic health record (EHR) systems and could face millions of dollars in HIPAA violation fines if action is not taken to correct these problems, warned the Department of...

Data Privacy Rights Hinder Effective Treatment, Warns AHA

by Fred Donovan

The American Hospital Association (AHA) is pushing for passage of HR 3545, the Overdose Prevention and Patient Safety Act, which would curb data privacy rights under 42 Code of Federal Regulations (CFR) Part 2 that prevent healthcare providers...

How EU Data Privacy Rule Could Impact US Healthcare Providers

by Fred Donovan

US healthcare organizations that handle personal information of EU individuals will face stricter regulatory requirements and possibly hefty fines under the EU’s new data privacy rule set to take effect May 25, 2018. The General Data Protection...

CareFirst BlueCross BlueShield Fesses Up to Phishing Attack

by Fred Donovan

Baltimore-based CareFirst BlueCross BlueShield admitted March 30, 2018 that the personal data of 6,800 CareFirst members may have been exposed by a phishing attack that compromised an employee’s email account. Information that could have...

Healthcare Data Breach Leads to Identity Theft Guilty Plea

by Elizabeth Snell

Robert Ashley Bond of Thackerville, Oklahoma recently pled guilty to charges over his alleged involvement in a 2017 healthcare data breach.  The United States Attorney’s Office for the Eastern District of Oklahoma announced that...

Uber Health Prioritizes Patient Data Security, HIPAA Compliance

by Elizabeth Snell

Ridesharing company Uber launched a platform in March 2018 that aimed to provide more transportation options to patients. Individuals can use Uber Health to get a ride to their provider, while being reassured that HIPAA compliance remains a top...

Proper Paper Records Disposal Necessary for PHI Data Security

by Elizabeth Snell

Even as healthcare providers are increasingly implementing EHRs and patient data is being transferred to electronic form, organizations cannot overlook PHI data security measures with their paper records. Researchers at Toronto's St. Michael's...

Data Security Key Consideration for Healthcare Blockchain Success

by Elizabeth Snell

Healthcare data security, data storage, data availability, and confidentiality are some of the most important characteristics in the application of healthcare blockchain, according to the latest edition of Blockchain in Healthcare...

AHIMA Continues Push for Balance in Patient Data Access, Security

by Elizabeth Snell

Healthcare professionals should have access to their patients’ entire medical history, but patient data access and data security measures must also be considered, AHIMA members said in meetings with Congress today. Access to substance abuse...

What the CareFirst Data Breach Decision Means for Healthcare

by Elizabeth Snell

In February 2018, the US Supreme Court denied certiorari in the CareFirst data breach case. CareFirst had requested the Court review the class action lawsuit against it that came from two separate incidents. The first occurred in June 2014, followed...

EmblemHealth Data Breach Leads to $575K NY State Settlement

by Elizabeth Snell

New York Attorney General Eric Schneiderman announced that a $575,000 settlement had been reached in the EmblemHealth data breach case, following a mailing error incident that exposed 81,122 Social Security numbers. The health plan discovered...

70K Notified in Tufts Health Plan Data Breach in Vendor Error

by Elizabeth Snell

A vendor that handles the mailing of member identification (ID) cards reportedly sent out envelopes with patient information visible in the mailing window, which created a Tufts Health Plan data breach. Tufts Medicare Preferred ID cards were...

Physical Safeguard Need Underlined in Recent VA Privacy Protocols

by Elizabeth Snell

A recent data breach involving old records from hospital patients, employees, and job applicants has led a VA medical center to launch new data privacy protocols. The John J. Pershing VA Medical Center said that it will be improving its...

Stakeholders Desire Clarification on Secure Data Exchange in TEFCA

by Elizabeth Snell

ONC must further clarify secure data exchange aspects in its Trusted Exchange Framework and Common Agreement (TEFCA) draft, and also explain how HIPAA regulations will apply, according to industry stakeholders. One of the TEFCA principles discusses...

CarePlus Health Reports PHI Data Breach Impacting 11K

by Elizabeth Snell

A series of programming and printing errors resulted in Explanation of Benefits (EOB) letters being sent to the incorrect CarePlus Health Plan members, an organization spokesperson confirmed to HealthITSecurity.com. Approximately 11,200 individuals...

Common Rule Interim Version Released, Exempts HIPAA Research

by Elizabeth Snell

More secondary research of EHR data will be enabled through the recently announced interim version of the Federal Policy for the Protection of Human Subjects, or the Common Rule. Certain low-risk studies, such as observational studies meant to...

How the FTC Act, HIPAA Privacy Rule Impact Healthcare Orgs

by Elizabeth Snell

Collecting and sharing consumer health information is fairly standard practice for covered entities and their business associates. Organizations must ensure that they remain in compliance with the HIPAA Privacy Rule throughout that entire process,...

Class-Action Lawsuit Filed after Allscripts Ransomware Attack

by Elizabeth Snell

Florida-based Surfside Non-Surgical Orthopedics, P.A. (Orthopedics) filed a class-action lawsuit in the wake of the Allscripts ransomware attack that took place on January 18, 2018. Allscripts’ EHR system was infected by SamSam ransomware,...

KS Healthcare Organization Fined over Unsecured Patient Data

by Elizabeth Snell

Topeka, Kansas-based Pearlie Mae’s Compassion and Care LLC recently agreed to pay an $8,750 civil penalty after allegations that it had unsecured patient data in one of its office locations. Defendants Ann Marie Kaiser and Jenell Jones...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks