Call us at: 877-275-4545
According to an article on HIPAA Journal, over a 27 month period an employee of St. Charles Health System in Oregon accessed nearly 2,500 patient records without authorization. All it took to discover the unnamed employee had been inappropriately accessing patient records was one incident that sparked further review, occurring on January 16, 2017. The...
With the dramatic number of security breaches over the last few years, it should come as no surprise that the healthcare industry has plans to increase spending on IT security. An article over at CIO talks about just how necessary the increase in IT security spending really is. According to a survey released this Tuesday,...
Peachtree Orthopedics has experienced a huge data breach that affects over 500,000 patients. It seems that Peachtree was a victim of a hacker who stole the information and went a step further by issuing a press release: It all began many months ago when we acquired 543k patient records which contain both PII and PHI...
HealthIT Security has a very good article on OCR HIPAA activities. A key message is that not all OCR complaints result in HIPAA violations OCR will continue to focus “its enforcement efforts and its resources” in areas of alleged non-compliance and “where corrective action under HIPAA may be the only remedy.” In terms of OCR...
In a clear message to healthcare organizations, The U.S. Department of Health and Human Services Office of Civil Rights (OCR), fined Women & Infants Hospital of Rhode Island (WIH) for not having updated HIPAA Business Associate Agreements. WIH provided OCR with a business associate agreement with Care New England Health System effective March 15, 2005,...
Almost all software programs have bugs in their code. The bugs may be security holes, problems displaying pages on mobile devices or inaccurately displaying results in reports to name a few. So it should be no shock that electronic health record (EHR) systems would have bugs as well. EHRs are complex software programs and are...
There has been a lot of articles written lately about the threat of ransomware to healthcare organizations. Hollywood Presbyterian Medical Center paid a $17,000 ransom to regain access to their systems after they were infected with ransomware. Several other hospitals have been ransomware victims and countless other medical practices have fallen victim as well. There...
By now we are all aware of the horrible event that took place in Orlando over the weekend. Mass casualties caused local hospitals and ERs to respond heroically. One of the tasks required during these operations was the necessity to communicate patient status with family and loved ones. Unfortunately, this was not handled very well....
Well that didn’t take long. In a recent article I made the case that newer variations of ransomware could result in a reportable HIPAA breach. I argued that if ransomware not only encrypted the victim’s files but also copied the files off of a computer or allowed access to the files, then the result could...
The topic of ransomware, especially ransomware hitting healthcare organizations, is making headlines daily. Dan Munro has a very good article over at Forbes that asks an important question: Is Ransomware Considered A Health Data Breach Under HIPAA? David Harlow, Principal – The Harlow Group, LLC, whose insight into HIPAA law I respect greatly, states: Ransomware...
© 2025 · HIPAA Secure Now!
Recent Comments