Posts Tagged ‘Health Insurance Portability and Accountability Act’

OCR draft guidelines for security risk analysis

The Health & Human Services Department published draft guidance to help healthcare providers and payers figure out what is expected of them in doing a risk analysis of their protected patient health information.
The security rule of the Health Insurance Portability and Accountability Act (HIPAA) requires that providers, payment plans and their [...]


Internet security breach found at UCSF

By Erin Allday, SF Chronicle
Hackers may have had access to personal information for about 600 UCSF patients as a result of an Internet “phishing” scam, campus officials said Tuesday.
The security breach occurred in September when a faculty physician in the UCSF School of Medicine provided a user name and password in response to [...]


Health Net healthcare data breach affects 1.5 million


Here we have another unnecessary major security breach at a large healthcare organization, which resulted in a loss of patient data and demonstrates poor baseline security. They clearly are not ready for the new HIPAA provisions in ARRA and HITECH. Review my threats page and evaluate your current business and system risks to [...]


Laptop Heist Exposes Doctors’ Personal Data

Another stolen laptop puts thousands of people’s personal data at risk but this time it’s the caregivers — not the patients — who are at risk.
November 6, 2009
By Larry Barrett:
More than 10,000 physicians’ and dentists’ personal data was exposed last week in New Hampshire after an employee at Anthem Blue Cross and Blue Shield transferred [...]


Security controls and ISO 27002

A security breach usually occurs because basic security controls are missing, or because a control that was once effective is no longer relevant. Security controls also deteriorate over time when they are not maintained and monitored.
According to a Privacy Rights Clearinghouse survey, the top three breaches resulted from laptop theft, software or human error, and [...]


How ARRA and HITECH provisions affect HIPAA compliance

HIPAA Plain and Simple: A Compliance Guide for Healthcare Professionals
How ARRA and HITECH provisions will affect HIPAA compliance. We will highlight the changes to HIPAA due to these new provisions and discuss a possible solution for complying with these new HIPAA security and privacy requirements. American Recovery and Reinvestment Act [...]


Virtualization and compliance

The core technology used in cloud computing is virtualization. Organizations that do not want to jump into cloud computing because of its inherent risks can take a shot at virtualization in their own data centers. Virtualization can be used to reduce hardware and utility costs. Organization that might have 100 servers [...]


HIPAA accountability and security program

Last year the Department of Health and Human Services (HHS) started penalizing healthcare organizations for security breaches and for lacking a security program. The healthcare stimulus bill says that HHS will post a healthcare organization's breach on its website. In both cases the intent is clear: HHS wants to hold healthcare organizations accountable for security [...]


ISO27k and compliance

A security review is performed to identify and analyze risks and weaknesses in the current security posture of an organization. An ISO assessment is performed using the international standard ISO 27002 and the company security policy; the purpose of the review is to evaluate the information security posture of an organization against the international standard. The level of [...]
