Erin McCann
In one of the largest HIPAA breaches ever reported, the Montana Department of Public Health and Human Services is notifying some 1.3 million people after hackers gained unfettered access to an agency server for nearly a year before being discovered.
As myriad healthcare organizations have attested, the aftermath of a HIPAA violation generally isn't a pretty sight, especially when it comes to one's bank account. One Indiana-based health system has witnessed this reality after being slapped with an $800,000 settlement for violating the HIPAA Privacy Rule.
Data attacks on healthcare organizations have increased a whopping 100 percent from just four years ago, a reality that has chief security and information officers in a dash to stay ahead of the data protection curve.
Some 90 percent of healthcare organizations have reported at least one data breach in the past two years, with more than a third seeing more than five breaches. Gerry Hinkley, partner at Pillsbury Winthrop Shaw Pittman's healthcare practice, says breach response is where many make major missteps, mistakes that can easily be avoided.
As anyone who's ever worked for IT security can attest, the job is no walk in the park. New threats, compliance mandates, vulnerabilities and updates are constant. But with strong leadership, and a culture of compliance and responsibility to match, many healthcare organizations have shown it can be done right -- and well.
With its sights set on a Department of Defense deal, technology giant IBM announced Tuesday it was teaming up with EHR behemoth Epic Systems to compete for the DoD Healthcare Management Systems Modernization contract. The DHMSM is slated to replace the current Military Health System and will serve some 9.7 million beneficiaries.
The American Medical Association on Monday named its new president-elect, who has been recognized for his involvement with health information technology. The to-be president has been critical of several aspects of the EHR Incentive Program.
Kevin Johnson is a professional hacker -- albeit a self-described ethical one. As head of the security consulting firm Secure Ideas, his job involves probing into organizations' networks and applications to identify vulnerabilities. What he sees in healthcare terrifies him.
A Pennsylvania-based hospital is notifying nearly 2,000 patients of a HIPAA breach after an employee accessed and transmitted patients' protected health data outside of the hospital's secure network.
Healthcare's all about the patients, right? But far too often, there's a disconnect -- the idea that the care ends when the patient exits the building or a diagnosis is made, the idea that clinical deals with clinical and information technology deals with IT.