Posts Tagged ‘Health Insurance Portability and Accountability Act’

OCR draft guidelines for security risk analysis

The Health & Human Services Department published draft guidance to help healthcare providers and payers figure out what is expected of them in doing a risk analysis of their protected patient health information. The security rule of the Health Insurance Portability and Accountability Act (HIPAA) requires that providers, payment plans […]

Internet security breach found at UCSF

By Erin Allday, SF Chronicle Hackers may have had access to personal information for about 600 UCSF patients as a result of an Internet “phishing” scam, campus officials said Tuesday. The security breach occurred in September when a faculty physician in the UCSF School of Medicine provided a user name and password […]

Health Net healthcare data breach affects 1.5 million

Here we have another unnecessary major security breach in a large healthcare organization, which resulted in a loss of patient data and demonstrates poor baseline security. They clearly are not ready for the new HIPAA provisions in ARRA and HITECH. Review my threats page and evaluate your current business and system risks to make […]

Laptop Heist Exposes Doctors’ Personal Data

Another stolen laptop puts thousands of people’s personal data at risk but this time it’s the caregivers — not the patients — who are at risk. November 6, 2009 By Larry Barrett: More than 10,000 physicians’ and dentists’ personal data was exposed last week in New Hampshire after an employee at Anthem Blue Cross and […]

Security controls and ISO 27002

Security breaches usually occur due to a lack of basic security controls, or due to controls that are no longer effective because they have not stayed relevant over time. Security controls also disintegrate over time due to a lack of maintenance and monitoring. According to a Privacy Rights Clearinghouse survey, the top three breaches resulted from laptop theft, software or human error, […]

How ARRA and HITECH provisions affect HIPAA compliance

HIPAA Plain and Simple How ARRA and HITECH provisions will affect HIPAA compliance. We will highlight the changes to HIPAA due to these new provisions and discuss a possible solution for complying with these new HIPAA security and privacy requirements. The American Recovery and Reinvestment Act of 2009 (ARRA) was […]

Virtualization and compliance

The core technology utilized in cloud computing is virtualization. Organizations that do not want to jump into cloud computing because of its inherent risks can take a shot at virtualization in their data centers. Virtualization can be utilized to reduce hardware and utility costs. An organization that might have 100 […]

HIPAA accountability and security program

Last year the Department of Health and Human Services (HHS) started penalizing healthcare organizations for security breaches and for lacking a security program. The healthcare stimulus bill says that HHS will post a healthcare organization's breach on its website. In both cases the intent is clear: HHS wants to hold healthcare organizations accountable for security […]

ISO27k and compliance

A security review is performed to identify and analyze risks and weaknesses in the current security posture of an organization. An ISO assessment is performed using the international standard ISO 27002 and the company security policy; the purpose of the review is to evaluate the information security posture of an organization against the international standard. The level of […]
