Health IT, HIPAA, and the CMS Incentive Programs Blog
For physicians, hospitals, government agencies, and business associatesDoes HIPAA Require Encryption?
The HIPAA Security Rule include two separate implementation specifications involving encryption. The first is contained at 45 CFR 164.312(a)(2)(iv): "Encryption and decryption (Addressable). Implement a mechanism to encrypt and decrypt electronic protected health...
Hackers target Community Health Systems, steal personal data of 4.5M patients
Community Health Systems announced on Monday that outside hackers gained access to their network and stole the non-medical, personal information of 4.5 million patients. The data included names, addresses, birth dates, telephone numbers and Social Security numbers—all...
Community Solutions hacked via Heartbleed Vulnerability
Since the initial report of the Community Health Solutions breach, in which attackers hacked into the CHS network to gain personal data of a whopping 4.5 million patients, details of the hack are emerging. According to security firm TrustedSec, owned by David Kennedy,...
CryptoLocker Ransomware tamed by new free service
We’ve blogged previously about a nasty piece of ransomware called CryptoLocker, which gives its victims a difficult choice: Either pay the “ransom” ($400, although other variants may have different fees) to re-gain access to your files or lose your valuable data...
Russian hackers steal 1.2 Billion passwords in gigantic breach, says security firm
An August 5th report from Hold Security, a private security firm in Milwaukee, alleged that a Russian gang of hackers stole the personal data of more than half a billion people. Experts at Hold Security estimate that 420,000 web and FTP sites were accessed by the...
HIPAA Violation Results in Criminal Indictment for East Texas Hospital Worker
A former employee of an East Texas Hospital is facing criminal charges for violating the Health Insurance Portability and Accountability Act, more commonly known as HIPAA. On July 3, 2014, the US Department of Justice announced that charges would be filed against...
Meaningful Use Audits Evolve to Require Security Corrective Actions to be Complete
(Editor's Note: For the Stage 2 Rules effective 10/16/2015, the Privacy and Security Objective is now Objective #1) Eagle Consulting Partners is working with three clients, participants in the Medicare Meaningful Use program, to assist them with responses to...
Cyber Espionage Verizon Report sheds light on risk analysis process
Incidents of cyber-espionage have shown consistent, significant growth and display a wider variety of threat actions than any other pattern discovered in Verizon’s recent 2014 Data Breach Investigations Report, which analyzed of over 63,000 confirmed security...
