HHS Issues Partial Waiver of Sanctions and Penalties for Privacy Rule...
During emergencies such as natural disasters, complying with all HIPAA Privacy Rule provisions can be a challenge for hospitals and can potentially have a negative impact on patient care and disaster...
View Article106,000 Mid-Michigan Physicians’ Patients Potentially Impacted by Breach
The protected health information of 106,000 current and former patients of the radiology center of Mid-Michigan Physicians has potentially been compromised. McLaren Medical Group, which manages...
View ArticleU.S. Senate Passes Jessie’s Law to Help Prevent Drug Overdoses
West Virginia senators Joe Manchin and Shelley Moore Capito have announced that Jessie’s Law has been passed by the Senate. The legislation is intended to ensure doctors are provided with details of a...
View ArticleDocuments Containing PII Discovered in Used Office Furniture
Prior to disposing or selling office furniture, HIPAA-covered entities should ensure that all drawers and compartments are inspected for any stray documents containing sensitive information. The...
View ArticleWant to Prevent Data Breaches? Time to Go Back to Basics
Intrusion detection systems, next generation firewalls, insider threat management solutions and data encryption will all help healthcare organizations minimize risk, prevent security breaches, and...
View ArticleHealthcare Hacking Incidents Overtook Insider Breaches in July
Throughout 2017, the leading cause of healthcare data breaches has been insiders; however, in July hacking incidents dominated the breach reports. Almost half of the breaches (17 incidents) reported in...
View ArticleNIST Updates Digital Identity Guidelines and Tweaks Password Advice
The National Institute of Standards and Technology (NIST) has updated its Digital Identity Guidelines (NIST Special Publication 800-63B), which includes revisions to its advice on the creation and...
View ArticleLawsuit Filed Against Aetna for Disclosure of HIV Status of Patients
A class action lawsuit has been filed against Aetna following a privacy breach that saw the HIV positive status of up to 12,000 individuals impermissibly disclosed. Details of prescribed HIV...
View ArticleHHS Issues Partial Waiver of Sanctions and Penalties for Privacy Rule...
During emergencies such as natural disasters, complying with all HIPAA Privacy Rule provisions can be a challenge for hospitals and can potentially have a negative impact on patient care and disaster...
View Article106,000 Mid-Michigan Physicians’ Patients Potentially Impacted by Breach
The protected health information of 106,000 current and former patients of the radiology center of Mid-Michigan Physicians has potentially been compromised. McLaren Medical Group, which manages...
View ArticleFormer Employee of The Neurology Foundation Discovered to Have Obtained...
The Neurology Foundation in Providence, RI has investigated an employee who had been discovered to be using a company credit card to make unauthorized purchases. The investigation revealed that...
View ArticleAlaska DHSS Discovers Malware Infection and Possible PHI Breach
A Trojan horse virus has been discovered on two computers used by the Alaska Department of Health and Social Services. The virus potentially allowed malicious actors to gain access to the data stored...
View ArticleOCR Head Expects Major HIPAA Settlement for a Big, Juicy, Egregious Breach in...
Roger Severino, the Director of the Department of Health and Human Services’ Office for Civil Rights (OCR) has stated his main enforcement priority for 2017 is to find a “big, juicy, egregious” HIPAA...
View ArticleMailing Error and PHI Breach Underscores Need for Greater Oversight
Healthcare organizations must take care not to expose protected health information in mailings. Recently, there have been two incidents reported that involved sensitive information being disclosed as a...
View ArticleOCR Stresses Need for Covered Entities to Prepare for Hurricanes and Other...
Hospitals in Texas and Louisiana had to ensure medical services continued to be provided during and after Hurricane Harvey, without violating HIPAA Rules. Questions were raised about when it is...
View ArticleFDA Releases Final Premarket Guidance for Medical Device Manufacturers on...
The U.S. Food and Drug Administration (FDA) has released final guidance on medical device interoperability, making several recommendations for smart, safe, and secure interactions between medical...
View ArticleLimited HIPAA Waiver Granted to Hospitals in Irma Disaster Zone
A public health emergency has been declared in areas of the U.S. Virgin Islands, Puerto Rico, and Florida affected by Hurricane Irma. As was the case in Texas and Louisiana after Hurricane Harvey, the...
View ArticleHospital Staff Discovered to Have Taken and Shared Photographs of Patient’s...
An investigation has been conducted into a privacy violation at the University of Pittsburgh Medical Center’s Bedford Memorial hospital, in which photographs and videos of a patient’s genitals were...
View ArticleHospital Employee Fired Over 26,000-Record Arkansas DHS Privacy Breach
A former employee of the Arkansas Department of Human Services (DHS) has been fired from her new position at the state hospital for emailing spreadsheets containing the protected health information of...
View ArticleAugusta University Medical Center Phishing Attack Took Three Months to Discover
An Augusta University Medical Center phishing attack has resulted in an unauthorized individual gaining access to the email accounts of two employees. It is unclear when the phishing attack was...
View Article