Healthcare Information Security

Patient Privacy Rights

OCR Settles with Colorado Provider for $111,000 over HIPAA Failures

December 11, 2018 - The Department of Health and Human Services’ Office for Civil Rights settled with Pagosa Springs Medical Center for $111,400, for failing to terminate a former employee’s access to electronic protected health information after the employment ended. According to officials, the employee continued to have remote access to PSMC’s scheduling calendar, which...


More Articles

EmblemHealth Fined $100K for 2016 Healthcare Data Breach

by Jessica Davis

New Jersey Attorney General Gurbir Grewal fined health insurance vendor EmblemHealth $100,000, for its 2016 health data breach of more than 6,000 New Jersey residents. The New York-based insurer’s subsidiary Group Health is also...

20,000 Patients Impacted by Ransomware Attack on Illinois Specialist

by Jessica Davis

The Center for Vitreo-Retinal Diseases in Illinois recently began notifying 20,371 patients that their data was potentially breached after a ransomware attack in September. On September 18, officials discovered a ransomware attack...

12 States Sue Business Associate for 2015 Health Data Breach

by Jessica Davis

A dozen states have filed a Federal lawsuit against Indiana-based Medical Informatics Engineering (MIE) and subsidiary NoMoreClipboard, over a 2015 hack that breached the data of more than 3.9 million patients nationwide. The Attorneys...

Allergy Associates Settles with OCR for $125K over HIPAA Violation

by Jessica Davis

Connecticut-based Allergy Associates of Hartford settled with the Office for Civil Rights for $125,000, for a 2015 incident involving impermissible disclosure of a patient’s protected health information to a reporter. In February...

AMIA Calls for Federal Alignment of Health Data Privacy Policies

by Jessica Davis

The American Medical Informatics Association is calling on the Trump Administration to better align data privacy policies from both the health and consumer sectors. In a letter to the National Telecommunications and Information...

NIH Reboots Genomic Data Access After Patient Privacy Fears Eased

by Fred Donovan

The National Institutes of Health (NIH) has resumed public access to its genomic summary results after restricting access for ten years over patient privacy concerns. Genomic summary results “convey information relevant to...

New Opioid Law Includes Expanded Patient Data Sharing Provision

by Fred Donovan

President Donald Trump signed into law this week a sweeping opioid measure that includes expanded patient data sharing regarding opioid and other substance addiction treatment information. The law, however, does not include a provision...

Security Leaders Will Need to Protect Patient Privacy at Home

by Fred Donovan

BOSTON – Healthcare security leaders need to think beyond protecting the organization to protecting patient privacy and data security at home in the coming years, observed Christiana Care Health System CISO Anahi Santiago. “At...

Woman Charges WV Firm With Violating Her Patient Privacy Rights

by Fred Donovan

Elizabeth Fry, a resident of Logan County, West Virginia, has filed a state lawsuit in Kanasha Circuit Court charging that Charleston-based Molina Information Systems violated her patient privacy rights by providing third party access to...

Despite Patient Privacy Risks, More People Use Wearables for Health

by Fred Donovan

Despite the patient privacy risks that collecting health data on insecure wearable devices could pose, the number of US consumers tracking their health data with wearables has more than doubled since 2013, according to the Deloitte 2018...

Iowa County Government Employee Alleges HIPAA Violation

by Fred Donovan

An employee of the Iowa’s Mahaska County government alleged that another employee committed a HIPAA violation when she locked a member of the public inside a building where files containing PHI were stored unsecured, the...

NTIA Privacy Principles Plan Parallels NIST Privacy Framework Bid

by Fred Donovan

In parallel with the NIST Privacy Framework effort, the Commerce Department’s NTIA is working on a set of consumer data privacy principles. On Tuesday, it published a request for comment to get consumer and industry feedback on the...

Congress Urged To Align 42 CFR Part 2 With HIPAA Privacy Rule

by Fred Donovan

The Partnership to Amend 42 CFR Part 2 is urging Congress to include the Overdose Prevention and Patient Safety Act (HR 6082), which would align 42 CFR Part 2 with the HIPAA Privacy Rule, in compromise opioid legislation that the House and...

Boston Hospitals Cough Up $1M for ‘Boston Trauma’ HIPAA Violations

by Fred Donovan

OCR announced Sept. 20 that it has fined three Boston-area hospitals close to $1 million for HIPAA violations involving the filming of ABC’s TV series “Save My Life: Boston Trauma.”* OCR reached HIPAA settlements with...

CMS Finds Minnesota Hospital Violated Patient Privacy Rights

by Fred Donovan

Minnesota-based Fairview Southdale Hospital violated patient privacy rights by taping patients without their knowledge or consent during psychiatric evaluations in the emergency room, a CMS investigation concluded. The CMS...

Patient Safety Concerns Driving Medical Device Security Investment

by Fred Donovan

Medical device security and patient data privacy are two of the areas in which the healthcare industry is investing to curb the costs of adverse patient safety events, according to a study by Frost & Sullivan. Other areas of...

Amazon’s Healthcare Push Could Run into HIPAA Compliance Issues

by Fred Donovan

Amazon has been expanding rapidly into the healthcare field, but its approach to patient privacy could use a lot of tweaking if the company doesn’t want to run into HIPAA compliance problems down the road. Amazon has set up a health...

Patient Privacy, Data Security Top Cost for Healthcare Consumers

by Fred Donovan

Consumers ranked patient privacy and data security above cost of care as the most important concerns they have about healthcare, according to a recent survey of 1,000 consumers by health insurance company Aetna. Around 80 percent of...

Hospital Faxes Records to Wrong Person in Apparent HIPAA Violation

by Fred Donovan

OhioHealth’s Grant Medical Center has been sending faxes with patient information to the wrong person for months in an apparent HIPAA violation, reported ABC6 in Columbus, Ohio, on June 18. The information in the faxes...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...