HIPAA | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

HIPAA

Pediatric Group Reports Ransomware Attack Impacting 55,000 Patients’ Data

April 6, 2017  |  Heather Landi
news
A pediatrics practice, ABCD Pediatrics, serving the San Antonio, Texas metropolitan area reported that it was hit with a ransomware attack and the virus began encrypting the practice's servers, however, the encryption was slowed significantly by existing...

Report: 72 Percent of Healthcare Employees Are Security "Risks" or Security "Novices"

April 5, 2017  |  Heather Landi
news
Only 28 percent of healthcare employees demonstrated the privacy and security awareness to prevent incidents that could lead to the exposure of protected health information (PHI) and other forms of personal data, according to a recent MediaPro survey.

Trump Administration Appoints Roger Severino to Head Office for Civil Rights

March 24, 2017  |  Heather Landi
news
Roger Severino, a former staffer at The Heritage Foundation, has been appointed as the director of the Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS).

Report: 60 Percent of Healthcare Data Breaches in February Came From Within the Organizations

March 20, 2017  |  Heather Landi
news
In February, hacking incidents only accounted for 12 percent of total healthcare data breach incidents, yet insiders were responsible for almost 60 percent of the total breach incidents during the month, which points to a troubling trend, according to the latest...

The Connected Health Initiative Launches ‘HIPAA Check’ Tool for App Developers

March 9, 2017  |  Heather Landi
news
The Connected Health Initiative, with ACT | The App Association, has developed an interactive tool to help software and app developers determine how their technology fits within the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy and...

AHIMA Publishes Toolkit for On-Site OCR HIPAA Phase 2 Audits

March 6, 2017  |  Heather Landi
news
The American Health Information Management Association’s (AHIMA) has released its newest toolkit, the “External HIPAA Audit Readiness Toolkit,” to assist organizations in preparing for Health Insurance Portability and Accountability Act (HIPAA) Phase 2 audits.

HITRUST Develops Security Framework for Small Healthcare Organizations

March 1, 2017  |  Heather Landi
news
The Health Information Trust Alliance, HITRUST, has announced updates to the HITRUST Common Security Framework (CSF) and a new CSF initiative targeting smaller healthcare organizations to support their information risk management programs and improve their cyber...

Study: Cybersecurity Budgets, Staff Growing, but Many Organizations Still Lagging

February 27, 2017  |  Heather Landi
news
Cybersecurity budgets are growing and healthcare organizations are allocating more employees to IT security compared to a year ago, however, despite the progress, significant gaps remain, according to a study from HIMSS Analytics and Symantec released last week...

Live from the CHIME-HIMSS Forum: A Sobering Dive into the Horrors of Hacking

February 19, 2017  |  Mark Hagland
article
Kevin Mitnick, one of the best-known black-hat hackers-turned-white-hat hacking-consultants in the U.S., demonstrated, live, for the CHIME-HIMSS Forum audience on Sunday the incredible ease of penetration via skilled hacking

Memorial Healthcare Systems Agrees to $5.5 Million HIPAA Settlement

February 16, 2017  |  Heather Landi
news
Hollywood, Fla.-based Memorial Healthcare Systems (MHS) agreed to pay the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and...

IBM Report: Insider Threats, Malicious Data Input Pose Biggest Risks to PHI

February 3, 2017  |  Rajiv Leventhal
news
According to a new healthcare data security report from IBM Managed Security Services (MSS) data, insiders were responsible for 68 percent of all network attacks targeting healthcare data in 2016

HITRUST Developing ‘Threat Catalog’ to Enhance Healthcare Cybersecurity

February 2, 2017  |  Heather Landi
news
The non-profit HITRUST Alliance has announced it is developing a risk-based framework, called the Threat Catalogue, to aid healthcare organizations in improving their information security posture by better aligning cyber threats with HITRUST CSF risk factors and...

OCR Fines Children’s Medical Center of Dallas $3.2M Due to HIPAA Non-Compliance

February 1, 2017  | 
news
The HHS Office for Civil Rights (OCR) has fined Children’s Medical Center of Dallas $3.2 million due to a Health Insurance Portability and Accountability Act of 1996 (HIPAA) breach that resulted in the impermissible disclosure of unsecured electronic protected...

Washington Debrief: Update on New Administration

January 30, 2017  |  Leslie Kriegstein, Vice President of Congressional Affairs, CHIME
article
For the second time in as many weeks, Dr. Tom Price (R-GA), spent more than three hours outlining his vision for the nation’s healthcare system before a Senate Committee.

Insurer to Pay $2.2M HIPAA Settlement for Disclosure of Unsecured ePHI

January 19, 2017  |  Heather Landi
news
MAPFRE Life Insurance Company of Puerto Rico has agreed to settle potential noncompliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules by paying $2.2 million.

Washington Debrief: The Who’s Who in Healthcare on Capitol Hill

January 17, 2017  |  Leslie Kriegstein, Vice President of Congressional Affairs, CHIME
article
The 115th Congress has been sworn-in and there are some new leaders to take note of that will have influence over healthcare on Capitol Hill.

Time for Enlightened Leadership on IT Security in 2017

January 11, 2017  |  Mac McMillan
article
As the new year begins, it’s time for the leaders of patient care organizations to make IT security a major priority for their enterprises—and they need to move quickly, as threats to U.S. healthcare inevitably accelerate in the current operating environment...

Illinois Healthcare Network to Pay $475,000 for Lack of Timely Breach Notification

January 10, 2017  |  Heather Landi
news
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced this week the first Health Insurance Portability and Accountability Act (HIPAA) enforcement action based on the untimely reporting of a breach of unsecured protected...

Breach of HHS Data from 2015 Becomes Public

December 28, 2016  |  Rajiv Leventhal
news
A former patient at Concord-based New Hampshire Hospital, a state psychiatric facility, accessed personal files of up to 15,000 Department of Health and Human Services (HHS) clients while working at a public computer in the organization’s library in 2015.

Survey: Security, Data Privacy Top Concerns in Managing Staff Mobile Devices

December 14, 2016  |  Heather Landi
news
The adoption of mobile devices in healthcare organizations is growing, however there are challenges with managing mobile devices and a majority of healthcare IT leaders cited security as being their top concern, according to a recent survey from Jamf, a mobile...

ONC, OCR Clarify Permitted Disclosures of PHI for Public Health Activities

December 9, 2016  |  Heather Landi
news
The U.S. Department of Health and Human Services Office of the National Coordinator for Health Information Technology (ONC) and Office of Civil Rights (OCR) have published a new fact sheet explaining how providers are permitted to share electronic protected...

UMass Will Pay $650,000 to Settle Potential HIPAA Violations

November 22, 2016  |  Heather Landi
news
The University of Massachusetts Amherst (UMass) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules stemming from a malware infection back in 2013.

October Cybersecurity Report: 35 PHI Incidents, 776K Records Breached

November 18, 2016  |  Rajiv Leventhal
news
The number of reported healthcare data breaches is down for the second straight month, but October still did see 35 protected health information (PHI) security incidents, totaling 776,533 records breached.

Survey: 82 Percent of Healthcare Orgs Have Comprehensive Mobile Strategy

November 14, 2016  |  Rajiv Leventhal
news
Some 82 percent of respondent healthcare organizations have a fully implemented mobile strategy, indicating a greater level of maturity compared to commercial enterprises, according to a survey from software provider Red H

Report: Healthcare Industry Workers Lack Basic Cybersecurity Awareness

November 1, 2016  |  Heather Landi
news
While it’s known that the healthcare industry is being targeted by hackers, a new report finds that the industry is lacking in basic security awareness among staff with a heightened risk of attacks through social engineering, according to an analysis by...

Survey: Healthcare Orgs Not Taking Mobile Security Seriously Enough

October 25, 2016  |  Rajiv Leventhal
news
More than half (56 percent) of healthcare professionals believe their organization could be doing more to educate employees on HIPAA compliance and the rules around sharing protected health information.

Washington Debrief: OCR Offers Details about Audits; More MACRA Considerations

October 24, 2016  |  Leslie Kriegstein, Vice President of Congressional Affairs, CHIME
article
As more folks sink their teeth into the 2,300 page regulations, more details emerge on the Quality Payment Program (QPP).

St. Joseph Health to Pay $2.14M in HIPAA Settlement

October 19, 2016  |  Rajiv Leventhal
news
St. Joseph Health (SJH) has agreed to settle potential violations of the HIPAA privacy and security rules following reports that files containing sensitive health data were publicly accessible through Internet search engines from 2011 to 2012.

Report: Healthcare Data Breaches Continue at Alarming Pace in Second Half of 2016

October 17, 2016  |  Heather Landi
news
Healthcare data breaches are continuing at an alarming pace, with the second half of 2016 shaping up to have more breach incidents per month, so far, than in the first half of the year.

Survey: Most Vendors Not Prepared to Comply with Data Protection Standards

October 10, 2016  |  Heather Landi
news
Two thirds of healthcare industry vendors report they are not prepared to comply with HITRUST healthcare data protection standards, according to a survey by New York City-based advisory firm KPMG.

Pages

Subscribe to HIPAA