Medical identity theft is on the rise in the U.S.

by Gary Pritts | May 12, 2014 | HIPAA

A recent survey by The Identity Theft Resource Center (ITRC) reported that medical identity theft accounted for 43.8 percent of all identity thefts reported in the US last year.  The medical/healthcare segment accounted for the largest number of breaches, with other...

Meaningful Use: Audit, Assessment or Analysis?

by Gary Pritts | May 12, 2014 | HIPAA

Conducting a meaningful use security risk assessment has been a requirement for HIPAA Covered entities since 2005, and now their business associates must also comply. The Meaningful Use program (Stage 1) also includes the requirement: “Conduct or review a...

NY Presbyterian, Columbia University Settlement highlights importance of PHI application inventory

by Gary Pritts | May 9, 2014 | HIPAA

The recent situation at NY Presbyterian Hospital/Columbia University Medical Center that resulted in the largest-to-date HIPAA settlement of $4.8 Million, highlighted that security leadership wasn’t aware of all of the applications running on their system.   Reading...

N.Y. Presbyterian, Columbia Resolution Clarify HHS Expectations for IT Asset Inventory in Largest HIPAA Settlement

by Gary Pritts | May 8, 2014 | HIPAA

The largest HIPAA settlement ever, in the amount of $4.8 Million, by two affiliated organizations, NY Presbyterian and Columbia University, sheds light on HHS expectations for HIPAA compliance, at least for a large academic medical center with 24,000 employees.  The...

Over 2,400 patients affected by data breach at UMass Memorial Medical

by Gary Pritts | May 6, 2014 | HIPAA

Employee misbehavior using access privileges for the purpose of identity theft has led to yet another data breach.  Notice was sent to more than 2,400 patients at UMass Memorial Medical Center (UMMMC) in Worcester, MA regarding potential identify theft. On March 6,...

4th Annual Patient Privacy and Data Security Survey Results Released by Ponemon

by Gary Pritts | May 5, 2014 | HIPAA

The Fourth Annual Patient Privacy and Data Security Survey, published in March, revealed new and expanded threats to the security and privacy of patient information in the U.S. healthcare system. The independent survey was completed by the Ponemon Institute and...

Boston Medical Center vendor causes data breach

by Gary Pritts | May 2, 2014 | HIPAA

Boston Medical Center, a 496-bed academic medical center in Boston, discovered a data breach on March 3 when the records of 15,000 patients were posted online by a vendor. The records, which contained patients’ names, addresses, and medical information, including what...

Data Breach at UPMC leaked personal information of 27,000 employees

by Gary Pritts | May 1, 2014 | HIPAA

A data breach at the University of Pittsburgh Medical Center (UPMC) originally thought to have compromised the privacy of 332 employees, may actually have over 27,000 victims according to a recent Pittsburgh Tribune-Review report. The alleged breach involved the...

FBI Expects Increase in Cyber Attacks Targeting Healthcare Industry

by Gary Pritts | Apr 30, 2014 | HIPAA

The FBI recently issued two private industry notices (PINs) to the healthcare sector, warning that cyber-attacks against devices and systems in that industry are likely to increase. The notices were issued to a number of undisclosed and unidentified organizations in...

Windows XP Users at Risk – Upgrade now if at all possible!

by Gary Pritts | Apr 29, 2014 | HIPAA

Microsoft announced over the weekend that all versions of Internet Explorer have a “serious security hole” that hackers can use to take over a computer and hijack your computer.  In their announcement, Microsoft stated that they are aware of limited, targeted attacks...