Healthcare Information Security

PHI Security

41% of Health Data Breaches Stem from Unintended Disclosure

October 17, 2017 - Unintended data disclosure, such as emails containing PHI sent to the wrong recipient or servers left publicly accessible, accounted for 41 percent of reported health data breaches the first nine months in 2017, according to research from Beazley. The second most common issue was from hacking or malware incidents (19 percent), followed by insider incidents (15 percent), and physical loss (8...


More Articles

Will Common Rule Changes Impact Health Data Security?

by Elizabeth Snell

The American Medical Informatics Association (AMIA) reiterated its support of considered changes to the Federal Policy for the Protection of Human Subjects, or the Common Rule. Adjustments to the Common Rule could also have an impact on certain...

Kromtech Security Discovers Health Data Breach of 150K Patients

by Elizabeth Snell

Kromtech Security researchers found a potential publicly accessible Amazon S3 repository that may have led to a health data breach impacting over 150,000 individuals, according to a company report. “Patient Home Monitoring” is...

Partnership Stressed in IoMT Medical Device Cybersecurity Bill

by Elizabeth Snell

Two state representatives introduced a medical device cybersecurity bill this week that focuses on centralizing current and relevant frameworks, guidelines, and standards for Internet of Medical Things (IoMT) devices. There must be collaboration...

Using Secure Texting for Improved Patient Care, Data Security

by Elizabeth Snell

Implementing new technical solutions, such as secure texting, can help healthcare providers of all sizes and in different locations better care for patients and ensure PHI security. Regardless of where an organization is based though, federal...

Maintaining Healthcare Data Security with File Sharing Options

by Bill Kleyman

I still find challenges within the healthcare world when it comes to file sharing and data management. Sure, we can remove Dropbox or other types of file sharing mechanisms, but are we making the user experience worse? And, are we really plugging...

Cyberattacks Threaten Thousands of Patient Health Records

by Kate Monica

A part of smaller specialty practices have allegedly suffered cyberattacks at the hands of the same team of hackers.* Editor's note: An earlier version of this article incorrectly described the hacking incidents as ransomware attacks. TheDarkOverlord...

How Health Data Security Relates to Healthcare Biometrics

by Elizabeth Snell

Increasing government initiatives for improved health data security and privacy have helped aid to the growth of the healthcare biometrics market, according to a recent MarketsandMarkets report. More healthcare facilities are looking to combat...

73 Percent of Medical Professionals Share Passwords for EHR Access

by Kate Monica

A recent study examined the prevalence of password sharing among healthcare providers and found nearly three-quarters of surveyed medical professionals have used another staff member’s password to obtain EHR access at work. The study by...

How Vendors, Providers Can Create Strong Health Data Security

by Elizabeth Snell

When it comes to maintaining HIPAA compliance, both healthcare providers and their chosen third-party vendors – or business associates – need to work together for comprehensive and current health data security. Compliance can get...

CO Hospital Email Breach Possibly Exposes PHI of 3.4K Families

by Kate Monica

Children’s Hospital Colorado recently informed patients of a potential security breach possibly affecting the PHI of nearly 3,400 patient families. On July 11, 2017, Children’s Colorado discovered an employee’s email account...

How HIPAA Rules Apply with Law Enforcement Investigations

by Elizabeth Snell

HIPAA rules are meant to protect patient information, but what happens when there is a law enforcement investigation? Are police officers allowed to demand PHI without a warrant? That issue was brought forth in August 2017 when video was released...

Mount Sinai St. Luke’s Sued Following HIPAA Violation

by Elizabeth Snell

New York-based Mount Sinai St. Luke’s Hospital is being sued for faxing patient PHI to the patient’s employer, a reported HIPAA violation that has already resulted in an OCR HIPAA settlement. The Law Offices of Jeffrey Lichtman represent...

OCR Urges Disaster Recovery, Health Data Backup in Storm Prep

by Elizabeth Snell

As healthcare organizations prepare for potential natural disasters, it is essential that they have contingency plans in place that include a data backup plan and disaster recovery plan, according to a recent OCR release. Hurricane Irma is predicted...

Why Halifax Health Opted for a New Secure Texting Option

by Elizabeth Snell

There is a fine line between implementing innovative technologies, such as secure texting solutions, and ensuring healthcare data security. Additionally, physician and clinician workflow must also be considered with any new systems or devices....

Ransomware Attack May Impact 19K Oncology Hematology Patients

by Kate Monica

On June 17, 2017, Medical Oncology Hematology Consultants, PA suffered a ransomware attack potentially impacting some patient EHRs on the practice’s server and computer workstations, according to an online statement. The potentially affected...

Stakeholders Highlight Secure Exchange in Comments to ONC

by Elizabeth Snell

In response to the 21st Century Cures Act Trusted Exchange Framework and Common Agreement from ONC, organizations have been submitting comments focusing on secure exchange, the need for standardization, and non-discrimination in...

Kentucky HIPAA Violation Case Ruling Held by Appeals Court

by Elizabeth Snell

A Kentucky hospital was found to have acted lawfully when it fired a nurse for committing a HIPAA violation, according to the Kentucky Court of Appeals. The Appeals Court held a lower court’s dismissal of the nurse’s claim that her...

OCR: Staff Training Key for Data Security, Avoiding Scams

by Elizabeth Snell

Healthcare organizations should ensure they are implementing strong staff training measures to maintain data security in the wake of Hurricane Harvey, according to the August OCR Cybersecurity Newsletter. Potential scammers may try and take advantage...

HHS Reviews HIPAA Rules Following Hurricane Harvey

by Elizabeth Snell

Healthcare providers can face numerous challenges during natural disasters, including adhering to HIPAA rules while working to provide proper patient care through an emergency. HHS recently released a bulletin to help guide covered entities through...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks