by Gary Pritts | Apr 26, 2014 | HIPAA
Tufts Health Plan, who offers health insurance plans for Medicare Advantage, individual or group health insurance in Massachusetts and Rhode Island, announced in an April 24 press release that a security breach had exposed the personal information of 8,830 seniors who...
by Gary Pritts | Apr 26, 2014 | HIPAA
Encryption is the single most essential technology to use for healthcare security breach prevention, according to Joy Pritts, chief privacy officer at the Office of the National Coordinator for Health IT. In an interview with Healthcare Info Security, Pritts states...
by Gary Pritts | Apr 25, 2014 | HIPAA
Covered entities and business associates who need to comply with HIPAA encryption standards first have some high-level planning which is addressed in the post Encrypting Mobile Devices – First Create a Plan. Many organizations will choose to use...
by Gary Pritts | Apr 24, 2014 | HIPAA
The recent enforcement actions against Concentra Health Services and QCA Health Plan, Inc. are two more messages to HIPAA covered entities (and business associates!) to encrypt their PHI. For most organizations, encrypting mobile devices is usually the first priority...
by Gary Pritts | Apr 23, 2014 | HIPAA
Stolen laptops have led to major HIPAA enforcement actions, announced yesterday, for two more covered entities. Concentra Health Services (Concentra) and QCA Health Plan, Inc. of Arkansas have paid the HHS Office for Civil Rights (OCR) $1,975,220 collectively to...
by Gary Pritts | Apr 16, 2014 | HIPAA
Lubbock Cardiology Clinic in Lubbock, Texas posted an online notification of a data breach that affected 1,400 patient medical records and patient demographics (names, addresses, phone numbers and social security numbers). The breach was caused when an unauthorized...
by Gary Pritts | Apr 11, 2014 | HIPAA
On February 3, the Michigan Department of Community Health announced that thousands of individuals had their compromised in a data breach caused by the theft of a laptop and flash drive. The equipment was stolen on the evening of January 30 or the morning of January...
by Gary Pritts | Apr 9, 2014 | HIPAA
Details about the Heartbleed bug, a serious vulnerability in the popular OpenSSL cryptographic software library, were published earlier this week. This vulnerability has the potential to affect web users worldwide. The bug, caused by a programming error, allows the...
by Gary Pritts | Apr 8, 2014 | HIPAA
Large hospitals and national organizations would benefit from a single, national security breach response process. The recent breaches at Target, Neiman Marcus and other retailers have gotten the attention of our national legislators. Last month, US Legislators...
by Gary Pritts | Apr 7, 2014 | HIPAA
Walgreens’ new pharmacy model may be unintentionally violating customers’ patient privacy rights. Named the “Well Experience,” this new store layout/business model gets pharmacists out in the store, with the intention of increasing the pharmacists’...
