Blog Archives

80 million patient records breached in Anthem hack

Health insurance giant Anthem reports that it has been the target of a cyberattack exposing tens of millions of customer records. Anthem, until very recently known as WellPoint, the largest of the Blue Cross Blue Shield for-profit managed health care

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , ,

FDA issues final guidance to medical device makers on cybersecurity

In its final guidance issued last week, the Food and Drug Administration is requesting that device makers assess what information hackers might target in connection with their devices, how hackers might attempt to access the information, and how device makers

Posted in ARRA, HITECH Act Tagged with: , , , , , , , , , , , , , , , , , ,

ONC’s EHR security provisions inadequate says OIG

Healthcare providers cannot attest to meaningful use unless they use certified EHR software. Providers purchasing certified EHR software tend to assume that a certified EHR has been rigorously tested and can be counted on to ensure protection of patient data.

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , ,

New hope for resolving thorny sensitive PHI issues in health data exchanges

Uncertainty and disagreement regarding how to handle behavioral and other sensitive healthcare data such as HIV and reproductive health records has been a stumbling block for healthcare in various ways. Potential patients don’t seek help because of fear their records

Posted in ARRA, Higher Ed, HIPAA, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , ,

Advocate Health Care already facing first lawsuit for July 15 breach involving 4 million EHR patient records

Chicago area Advocate Health Care suffered the country’s biggest health care record breach to date on July 15 – when four unencrypted laptops containing over four million patient records were stolen.  Seven weeks later the legal repercussions to July’s event

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Settlement of first small scale HIPAA breach announced by HHS

In a sign that HHS is serious about small data breaches, the Office of Civil Rights (OCR) and The Hospice of North Idaho reached a settlement agreement to resolve allegations of a 2010 breach involving 441 patient records. OCR Director Leon Rodriguez

Posted in ARRA, Higher Ed, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

3.8 million record breach in South Carolina: lessons learned

Hackers recently infiltrated South Carolina’s state tax records, absconding with the largest haul to date of Social Security numbers, credit and debit card numbers from a state agency. State officials describe how the theft was worked, and list enhanced security

Posted in ARRA, Higher Ed, HIPAA, HITECH Act, News, Privacy & Security Tagged with: , , , , , , , , , , , , , , , , , , , , , , ,

Laptop theft costs Massachusetts provider $1.5 million in HHS settlement

Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates (MEEI) will be paying HHS $1.5 million in installments over three years for a 2010 incident.  It is worth noting that OCR also reached a $1.5 million settlement with

Posted in ARRA, HIPAA Tagged with: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,