Archive for the ‘hipaa’ Category

8 tactics for mobile data privacy and security

By Mary Mosquera With the sweeping use of mobile devices by healthcare providers, physicians and hospitals need to embrace best practices for protecting sensitive patient data, privacy experts say. For example, encrypt sensitive data when it is necessary to store on wireless devices. Sixty-four percent of physicians own a smartphone and one third of them […]

Leave a Comment

HIPAA poses greatest compliance challenges for information security

The Health Insurance Portability and Accountability Act (HIPAA) is the most challenging information security regulation for businesses to implement, according to a survey by IT management products firm Ipswitch. According to an Ipswitch survey of 100,000 network administrators, 38.2% said that HIPAA was the most challenging information security regulation to implement, followed by the Sarbanes-Oxley […]

Comments (2)

Due diligence is the cost of doing business for healthcare

According to an estimates, the Healthcare in US may be vulnerable to $6 billion annually from data losses in various forms. A survey done by the privacy and data-management firm Ponemon Institute found that Healthcare organizations are still using primitive data management techniques and run the risk of spending an average of US $1 million […]

Leave a Comment

Risky business

Image by purpleslog via Flickr By Mary Mosquera Last year’s HITECH Act toughened the rules and enforcement penalties health information handlers must follow to protect patient privacy. Under the new policy regime, providers will have to pay more attention to the confidentiality and safety of patient information as they move more of their operations toward […]

Leave a Comment

Security glitch exposes WellPoint data again

Image via Wikipedia By Tom Murphy INDIANAPOLIS – WellPoint Inc. has notified 470,000 individual insurance customers that medical records, credit card numbers and other sensitive information may have been exposed in the latest security breach of the health insurer’s records. The Indianapolis company said the problem stemmed from an online program customers can use to […]

Leave a Comment

OCR draft guidelines for security risk analysis

Image by veeliam via Flickr The Health & Human Services Department published draft guidance to help healthcare providers and payers figure out what is expected of them in doing a risk analysis of their protected patient health information. The security rule of the Health Insurance Portability and Accountability Act (HIPAA) requires that providers, payment plans […]

Comments (2)

Healthcare ID theft may rise with digital records

By Margaret Collins BLOOMBERG NEWS Sierra Morgan was billed $12,000 on her health care credit card in November for liposuction, a procedure she never requested or received. “It’s depressing to know that someone used my name and knows so much about me,” said Morgan, 31, a respiratory therapist from Modesto, Calif. There were more than […]

Comments (1)

NorCal’s John Muir hospital warns of breach

Image by Sparticus via Flickr The Associated Press Posted: 04/06/2010 08:31:15 AM PDT WALNUT CREEK, Calif.—More than 5,000 patients in the John Muir hospital system have been warned of a potential security breach after two laptop computers that contained personal and health information were stolen. The laptops were stolen from a perinatal office in Walnut […]

Leave a Comment

HITECH Act increases HIPAA security requirements

by Marcia Savage The health care industry was buzzing with the news: For the first time ever, a hospital was being audited for compliance with HIPAA security requirements. The audit of Piedmont Hospital in Atlanta by the U.S. Department of Health and Human Services’ inspector general in 2007 was surprising for hospitals, health insurers and […]

Leave a Comment

UCSF laptop containing patient files stolen

Image via Wikipedia The Associated Press SAN FRANCISCO—The medical records of more than 4,000 patients at the University of California, San Francisco may have been compromised after a laptop they were on was stolen. Officials with the university said Wednesday the laptop was recovered earlier this month after it was taken from a medical school […]

Comments (7)

Internet security breach found at UCSF

Image via Wikipedia By Erin Allday, SF Chronicle Hackers may have had access to personal information for about 600 UCSF patients as a result of an Internet “phishing” scam, campus officials said Tuesday. The security breach occurred in September when a faculty physician in the UCSF School of Medicine provided a user name and password […]

Comments (2)

Health Net healthcare data breach affects1.5 million

Image via Wikipedia Here we have another unnecessary major security breach in a large healthcare organization which resulted in a loss of patient data demonstrating poor baseline security. They clearly are not ready for the new HIPAA provision ARRA and HITECH. Review my threats page and evaluate your current business and system risks to make […]

Comments (14)

Laptop Heist Exposes Doctors’ Personal Data

Another stolen laptop puts thousands of people’s personal data at risk but this time it’s the caregivers — not the patients — who are at risk. November 6, 2009 By Larry Barrett: More than 10,000 physicians’ and dentists’ personal data was exposed last week in New Hampshire after an employee at Anthem Blue Cross and […]

Comments (5)

Healthcare Organizations May Not Be Prepared for HITECH and Other Security Challenges

Healthcare Organizations May Not Be Prepared for HITECH and Other Security Challenges HIMSS News The Healthcare Information and Management Systems Society releases its 2nd Annual Security Survey, sponsored by Symantec CHICAGO (November 3, 2009) – With the American Recovery and Reinvestment Act underway, healthcare organizations face new challenges to maintain privacy and security of patient […]

Leave a Comment

HIPAA and business associate

How ARRA and HITECH provisions affect HIPAA compliance AIS reported taht the new HITECH Act requires hospitals, providers, health plans and other HIPAA covered entities (CEs) to meet a February 2010 deadline for revising their business associate (BA) agreements. New language in BA amendments should require BAs to comply with (a) the HIPAA Security Rule,(b) […]

Comments (5)