Healthcare Information Security

PHI Security

Former UPMC Worker Indicted for HIPAA Violations

July 2, 2018 - Linda Sue Kalina, a former patient information coordinator at University of Pittsburgh Medical Center (UPMC), was indicted by a federal grand jury in Pittsburgh for HIPAA violations. The Butler County resident was charged on six counts of wrongfully obtaining and disclosing PHI of another person, the Department of Justice (DoJ) announced June 29. Kalina was employed as a patient...


More Articles

IT Worker Uncovers Hospital Pagers with Poor PHI Data Security

by Fred Donovan

A county IT worker recently discovered that certain hospitals in Missouri and Kansas had poor PHI data security for their pagers. Using an antenna he purchased to receive TV channels on his laptop, the worker was able to pick up...

Public Server Exposure Creates PHI Data Security Worries for 200K

by Fred Donovan

Unsecured files on a public FTP server maintained by Arkansas-based practice management software provider MedEvolve may have caused a PHI data security breach for more 200,000 patients, reported DataBreaches.net. Most of the patient files...

Reported Malware Creates PHI Data Security Concern for 12K in FL

by Fred Donovan

Malware that infected a number of Florida Hospital websites may have created a PHI data security issue, the Orlando Sentinel reported May 2. Patient information that could have been exposed includes patient names, email addresses, phone...

Top 5 Healthcare Data Security, Infrastructure Threats

by Bill Kleyman

We’ve had the chance to discuss all of the amazing new solutions and technologies impacting the healthcare world, as well as healthcare data security. We know that IoT, telemedicine, and new healthcare services are all...

Blue Shield of California Reports PHI Data Breach

by Fred Donovan

Blue Shield of California admitted to a PHI data breach involving an insurance broker who was not authorized to receive patient information, according to a breach notification submitted to the California Attorney General’s...

Uber Health Prioritizes Patient Data Security, HIPAA Compliance

by Elizabeth Snell

Ridesharing company Uber launched a platform in March 2018 that aimed to provide more transportation options to patients. Individuals can use Uber Health to get a ride to their provider, while being reassured that HIPAA compliance remains...

Proper Paper Records Disposal Necessary for PHI Data Security

by Elizabeth Snell

Even as healthcare providers are increasingly implementing EHRs and patient data is being transferred to electronic form, organizations cannot overlook PHI data security measures with their paper records. Researchers at Toronto's St....

Data Security Key Consideration for Healthcare Blockchain Success

by Elizabeth Snell

Healthcare data security, data storage, data availability, and confidentiality are some of the most important characteristics in the application of healthcare blockchain, according to the latest edition of Blockchain in...

Primary Health Care PHI Data Security Incident Affects 10K

by Elizabeth Snell

Unauthorized access to employee email accounts may have led to a PHI data security incident at Primary Health Care Inc. (PHC), according to an organization statement. PHC discovered the access to four employee accounts and the related...

AHIMA Continues Push for Balance in Patient Data Access, Security

by Elizabeth Snell

Healthcare professionals should have access to their patients’ entire medical history, but patient data access and data security measures must also be considered, AHIMA members said in meetings with Congress today. Access to...

134K Possibly Affected in St. Peter’s Server Data Breach

by Elizabeth Snell

An unauthorized third party gained access to St. Peter’s Surgery & Endoscopy Center (the Center) servers on January 8, 2018, according to an online statement. The potential data breach was discovered on the same day of the...

70K Notified in Tufts Health Plan Data Breach in Vendor Error

by Elizabeth Snell

A vendor that handles the mailing of member identification (ID) cards reportedly sent out envelopes with patient information visible in the mailing window, which created a Tufts Health Plan data breach. Tufts Medicare Preferred ID cards...

Physical Safeguard Need Underlined in Recent VA Privacy Protocols

by Elizabeth Snell

A recent data breach involving old records from hospital patients, employees, and job applicants has led a VA medical center to launch new data privacy protocols. The John J. Pershing VA Medical Center said that it will be improving...

How the FTC Act, HIPAA Privacy Rule Impact Healthcare Orgs

by Elizabeth Snell

Collecting and sharing consumer health information is fairly standard practice for covered entities and their business associates. Organizations must ensure that they remain in compliance with the HIPAA Privacy Rule throughout that entire...

Hospital Data Breaches Most Common, Affect the Most Patients

by Elizabeth Snell

Hospital data breaches accounted for approximately 30 percent of large data security incidents reported to OCR from 2009 to 2016, according to a study published in the American Journal of Managed Care (AJMC). The largest number of...

Filefax PHI Disclosure Leads to $100K OCR HIPAA Settlement

by Elizabeth Snell

Filefax, Inc. went out of business in 2017, but that does not mean that an OCR HIPAA settlement can be avoided due to an earlier PHI disclosure, according to OCR. A company that was appointed as a receiver to liquidate Filefax’s...

Smiths Medical Releases Firmware Update for Medical Device Security

by Elizabeth Snell

Smiths Medical recently released a firmware update to eliminate potential medical device security vulnerabilities that had been discovered by an independent researcher earlier in 2017. The vulnerabilities may have allowed remote attackers...

New York Reaches $1.15M Settlement over Aetna Data Breach

by Elizabeth Snell

New York Attorney General Eric Schneiderman announced that a $1.15 million settlement has been reached following the Aetna data breach that occurred in 2017. Aetna sent letters to patients in the mail back in July 2017. Information about...

KS Healthcare Organization Fined over Unsecured Patient Data

by Elizabeth Snell

Topeka, Kansas-based Pearlie Mae’s Compassion and Care LLC recently agreed to pay an $8,750 civil penalty after allegations that it had unsecured patient data in one of its office locations. Defendants Ann Marie Kaiser and Jenell...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks