Healthcare Information Security


VA Cybersecurity Vulnerabilities Still Exist, Says GAO

by Elizabeth Snell

A report shows that the VA has not done enough to mitigate potential cybersecurity risks. The Department of Veterans Affairs (VA) has not fully addressed all of its cybersecurity vulnerabilities, according to a recent US Government Accountability...

PHI Incidents Affect 640 Veterans in October, Says VA Report

by Elizabeth Snell

The VA released its monthly report to Congress on data breach incidents, which included the exposure of veterans’ PHI. The US Department of Veterans Affairs released its monthly data incidents report to Congress for October, some of which...

How MyHealthDirect Achieved HITRUST Certification

by Elizabeth Snell

Healthcare organizations of all sizes work diligently to ensure that they remain HIPAA-compliant while also providing high-quality patient care. There are security, privacy, and regulatory guidelines that must be adhered to, and implemented in...

Comments Sought On NIST Cyber Threat Sharing Guide

by Elizabeth Snell

NIST released a guide on cyber threat information sharing, and is seeking comments through November 28. The Department of Commerce’s National Institute of Standards and Technology (NIST) drafted a guide on cyber threat information sharing and...

PHI Exposed on Emails to Anthem Blue Cross Members

by Elizabeth Snell

It is not yet clear if Anthem Blue Cross members receiving emails with their PHI in the subject line will warrant a data breach notification. Earlier this week, Anthem Blue Cross members in California had a bit of a surprise when they received...

Healthcare Privacy Policies Must Be Stronger, Says AMA

by Elizabeth Snell

The AMA recently released policies describing how health insurers need to take greater care in ensuring healthcare privacy for patients. It would be greatly beneficial to patients if healthcare privacy policies were stronger, according to newly...

Penn. Health Insurer Suffers Potential Data Breach

by Elizabeth Snell

A health insurer is facing a potential data breach due to a computer server reported missing after an office move. Even with strong administrative safeguards and comprehensive firewalls, a health data breach can occur if employees at an organization...

Doctors Can Be Sued for HIPAA Negligence, Says Conn. Court

by Elizabeth Snell

The state Supreme Court ruled that physicians can be sued for HIPAA negligence if it violates certain regulations. Patients can sue a medical office for HIPAA negligence if it violates regulations that dictate how healthcare organizations must...

Simplicity is Key for HIE and EHR Interoperability

by Elizabeth Snell

More healthcare organizations across the nation are working toward interoperability, while also ensuring that they abide by federal regulations in terms of HIEs, EHRs, and patient security. The move from paper-based systems to electronic ones...

PHI ‘Mishandling’ by Montana VA Leads to Possible Data Breach

by Elizabeth Snell

A healthcare data breach possibly occurred in Montana when PHI was mailed to the wrong individual. The VA Montana Health Care System is facing a potential health data breach after a veteran’s PHI was accidentally mailed to the wrong person....

Unencrypted Discs with PHI Create Potential Health Data Breach

by Elizabeth Snell

The Arizona State Retirement System is facing a potential healthcare data breach after unencrypted discs with PHI went missing in the mail. When healthcare organizations fail to encrypt patients’ PHI, it is likely just a matter of time before...

Health Data Encryption is Critical Aspect for PHI Security

by Elizabeth Snell

In an effort to keep patient information secure, more healthcare organizations are calling for health data encryption precautions. New Jersey even announced recent legislation that requires health insurers to encrypt patient health information....

PHI Encryption Necessary, Says Proposed NJ Bill

by Elizabeth Snell

Health insurers should be required to encrypt patients’ protected health information, according to a proposed bill in New Jersey. Personal health information (PHI) should be encrypted on all health insurers’ computers, according to a...

Why Protecting PHI Must Be Top a Priority for the IRS

by Elizabeth Snell

The IRS must work harder to keep PHI protected, according to a report by the Treasury Inspector General for Tax Administration. While the Internal Revenue Service (IRS) is authorized to disclose limited tax information to the HIEs and marketplaces...

Potential Health Data Breach, 40,000 Patient Records Stolen

by Elizabeth Snell

A New Jersey doctor’s storage shed was reportedly broken into and 40,000 patient records were stolen. The case of a potential health data breach in New Jersey has grown stranger throughout the week. On Tuesday, Dr. Nisar A. Quraishi found...

Healthcare Data Breach News: Pa. Server Hacked; Records Found Dumped

by Elizabeth Snell

A Pennsylvania healthcare service said it had a potential data breach incident and medical records were also found outside a Michigan facility. A Pennsylvania healthcare service confirmed last week that it had a data breach incident where personal...

AMA: MU Secure Messaging Criteria Should Be Optional

by Elizabeth Snell

Meaningful Use secure messaging was one of several issues discussed in a blueprint created by the American Medical Association last week. The Centers for Medicare and Medicaid Services (CMS) should make the “view-download-transmit,”...

‘Small Number’ Of Laptops With PHI Missing From Ambulances

by Elizabeth Snell

Over a period of approximately three years, a “small number” of laptops have gone missing from ambulances in the Dallas area. The laptops in question disappeared between January 1, 2011, and August 29, 2014, according to the Dallas Morning...

Laptop With PHI Stolen From Ga. Health Employee’s Car

by Elizabeth Snell

The Georgia Department of Behavioral Health and Developmental Disabilities (DBHDD) announced earlier this week that a laptop containing protected health information (PHI) of approximately 3,000 patients was stolen from an employee’s car on...

Will New ‘Poodle’ Web Threat Affect Health Data Security?

by Elizabeth Snell

Cyber security is crucial for many organizations, and the healthcare industry is no different. While the most recent discovery of a security bug in numerous types of web encryption technology is not seen as serious as past threats, it’s still...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks