Tufts Health Plan, who offers health insurance plans for Medicare Advantage, individual or group health insurance in Massachusetts and Rhode Island, announced in an April 24 press release that a security breach had exposed the personal information of 8,830 seniors who...
Encryption is the single most essential technology to use for healthcare security breach prevention, according to Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT. In an interview with Healthcare Info Security, Pritts states...
Covered entities and business associates who need to comply with HIPAA encryption standards first have some high-level planning which is addressed in the post Encrypting Mobile Devices – First Create a Plan. Many organizations will choose to use...
The recent enforcement actions against Concentra Health Services and QCA Health Plan, Inc. are two more messages to HIPAA covered entities (and business associates!) to encrypt their PHI. For most organizations, encrypting mobile devices is usually the first priority...
Stolen laptops have led to major HIPAA enforcement actions, announced yesterday, for two more covered entities. Concentra Health Services (Concentra) and QCA Health Plan, Inc. of Arkansas have paid the HHS Office for Civil Rights (OCR) $1,975,220 collectively to...
Lubbock Cardiology Clinic in Lubbock, Texas posted an online notification of a data breach that affected 1,400 patient medical records and patient demographics (names, addresses, phone numbers and social security numbers). The breach was caused when an unauthorized...
On February 3, the Michigan Department of Community Health announced that thousands of individuals had their compromised in a data breach caused by the theft of a laptop and flash drive. The equipment was stolen on the evening of January 30 or the morning of January...
Details about the Heartbleed bug, a serious vulnerability in the popular OpenSSL cryptographic software library, were published earlier this week. This vulnerability has the potential to affect web users worldwide. The bug, caused by a programming error, allows the...
Large hospitals and national organizations would benefit from a single, national security breach response process. The recent breaches at Target, Neiman Marcus and other retailers have gotten the attention of our national legislators. Last month, US Legislators...
Walgreens’ new pharmacy model may be unintentionally violating customers’ patient privacy rights. Named the “Well Experience,” this new store layout/business model gets pharmacists out in the store, with the intention of increasing the pharmacists’...
