Blog Archives

80 million patient records breached in Anthem hack

Health insurance giant Anthem reports that it has been the target of a cyberattack exposing tens of millions of customer records. Anthem, until very recently known as WellPoint, the largest of the Blue Cross Blue Shield for-profit managed health care

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , ,

California courts: Sutter Health not liable in $4.25 billion data breach case

In a development sure to draw attention, the California Supreme Court last week upheld a lower court’s dismissal of the $4.25 billion case against Sutter Health arising from an October 2011 data breach.  A password-protected computer full of unencrypted data,

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , ,

Medical info now 10 times more valuable than financial data on the black market

Credit card numbers have dropped precipitously in value in recent years as PHI replaces it on the underground market. Why? Cyber criminals use the PHI to engage in medical fraud which, because of its complexity, may continue undetected for years.

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , , ,

FDA issues final guidance to medical device makers on cybersecurity

In its final guidance issued last week, the Food and Drug Administration is requesting that device makers assess what information hackers might target in connection with their devices, how hackers might attempt to access the information, and how device makers

Posted in ARRA, HITECH Act Tagged with: , , , , , , , , , , , , , , , , , ,

Advocate Health Care already facing first lawsuit for July 15 breach involving 4 million EHR patient records

Chicago area Advocate Health Care suffered the country’s biggest health care record breach to date on July 15 – when four unencrypted laptops containing over four million patient records were stolen.  Seven weeks later the legal repercussions to July’s event

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Settlement of first small scale HIPAA breach announced by HHS

In a sign that HHS is serious about small data breaches, the Office of Civil Rights (OCR) and The Hospice of North Idaho reached a settlement agreement to resolve allegations of a 2010 breach involving 441 patient records. OCR Director Leon Rodriguez

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Laptop theft costs Massachusetts provider $1.5 million in HHS settlement

Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates (MEEI) will be paying HHS $1.5 million in installments over three years for a 2010 incident.  It is worth noting that OCR also reached a $1.5 million settlement with

Posted in ARRA, HIPAA Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Cybersecurity risk management by boards and senior executives: 12 recommendations

According to Forbes, a recent Carnegie Mellon study has found that corporate boards “are not actively addressing cyber risk management.”  The researchers collected data from corporations worldwide and across all industrial sectors, and found that while boards actively attend to risk

Posted in ARRA, HIPAA Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

EHR hackers turn to extortion

Hackers recently struck a small medical practice in suburban Chicago, encrypted the facility’s digital medical records, and then demanded a ransom payment in exchange for allowing the facility to regain access to its records. Medical industry observers note that this

Posted in ARRA, HIPAA Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , ,

Study: Data Breaches Cost U.S. Hospitals Billions

A new study by the Ponemon Institute concluded that data breaches cause enormous losses for U.S. hospitals:  on average, over a two-year period, each hospital will incur about $2 million in losses due to data breaches, which results in $12

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , ,

Rising numbers and costs of data breaches

There is little doubt that the healthcare industry must prepare for a growing number of – and expanding costs associated with – data breaches, particularly for breaches of protected health information.  Here are just a few notable reports on this

Posted in ARRA Tagged with: , , , , , , , , , , , , , , , , ,