Posts Tagged ‘Health care’

OCR draft guidelines for security risk analysis

Image by veeliam via Flickr The Health & Human Services Department published draft guidance to help healthcare providers and payers figure out what is expected of them in doing a risk analysis of their protected patient health information. The security rule of the Health Insurance Portability and Accountability Act (HIPAA) requires that providers, payment plans […]

Comments (2)

Healthcare ID theft may rise with digital records

By Margaret Collins BLOOMBERG NEWS Sierra Morgan was billed $12,000 on her health care credit card in November for liposuction, a procedure she never requested or received. “It’s depressing to know that someone used my name and knows so much about me,” said Morgan, 31, a respiratory therapist from Modesto, Calif. There were more than […]

Comments (1)

Health Net healthcare data breach affects1.5 million

Image via Wikipedia Here we have another unnecessary major security breach in a large healthcare organization which resulted in a loss of patient data demonstrating poor baseline security. They clearly are not ready for the new HIPAA provision ARRA and HITECH. Review my threats page and evaluate your current business and system risks to make […]

Comments (14)

Healthcare Organizations May Not Be Prepared for HITECH and Other Security Challenges

Healthcare Organizations May Not Be Prepared for HITECH and Other Security Challenges HIMSS News The Healthcare Information and Management Systems Society releases its 2nd Annual Security Survey, sponsored by Symantec CHICAGO (November 3, 2009) – With the American Recovery and Reinvestment Act underway, healthcare organizations face new challenges to maintain privacy and security of patient […]

Leave a Comment

HIPAA accountability and security program

Last year the department of Health and Human Services (HHS) started penalizing healthcare organizations for security breaches and lack of security program. Healthcare stimulus bill says that HHS will post a breach of healthcare organization on their website. In both cases the intent is clear that HHS want to hold healthcare organizations accountable for security […]

Comments (2)