Your Encrypted EMR May Be Hemorrhaging Data

Microsoft researchers will release a report at a security conference next month that details vulnerabilities in EMRs at more than 200 top US hospitals, according to industry publication NETWORKWORLD. The advance info on the study indicates that 4 different types of attacks were able to evade the encryption found in many of …

CMS Recommended HIPAA Resources

For folks who already are fairly HIPAA-savvy, the new HIPAA Basics fact sheet issued by CMS in May 2015 is probably WAY TOO basic, but the one strong point is a cheat sheet of resources on HIPAA together with links. We are including those links below: Are You A Covered Entity? Business Associate Contracts Business …

New Edition of HIPAA Deskbook Released

My daughter has just released the second edition of her HIPAA Deskbook on Amazon. She used college vacations to expand the previous edition by more than 100 pages at dad’s prompting so I would have an expanded resource on my desk rather than searching a computer. I like to highlight and mark frequently-used sources and …

Lost Laptops Cost AVmed $3 Million In Privacy Settlement

With the loss of laptops, smart phones, tablets, and USB drives being among the top sources of privacy breaches, healthcare providers should be aware of a recent federal court ruling that drove a $3 million privacy settlement. The federal appellate court ruling against AVmed — a medical insurance company — allowed claims involving negligence and …

OCR Hits Small Dermatology Practice With $150,000 HIPAA Fine For Lost USB Stick

Small physician practices should have received a wake-up call with the most recent fine announced by the Office of Civil Rights HIPAA enforcement division, which shows that the feds are going to go after small practices for technical violations, even if no patient data was misused. The official press release states: Adult & Pediatric Dermatology, …

FAQ: What is PHI or Protected Health Information?

Protected health information is made up of directly identifiable elements specified by the HIPAA law. E-PHI (PHI in electronic format) is a subset of the HIPAA information. HIPAA regulates the release, sharing, or use of individually identifiable health information (considered PHI). “Individually identifiable health information” is information, including demographic data, that relates to: the individual’s …