Privacy & Security

Montana health data breach a textbook example of what not to do
By Evan Schuman | 11:09 am | July 01, 2014
When an organization experiences a major data breach and puts out a news release, the point is to comfort people that the news isn't as bad as it sounds. But at the same time, it's critical to be precise with language -- lest that organization be compelled to subsequently issue the dreaded, "What we actually meant to say in Monday's statement…" statement.
Hackers steal health data of 1.3M
By Erin McCann | 11:57 am | June 25, 2014
In one of the largest HIPAA breaches ever reported, the Montana Department of Public Health and Human Services is notifying some 1.3 million people after hackers gained unfettered access to an agency server for nearly a year before being discovered.
BYOD tips: Keep it simple, be nimble
By Eric Wicklund | 11:00 am | June 25, 2014
More than 60 percent of all industries worldwide embrace BYOD, says Mac McMillan, CEO of the information security company CynergisTek and chairman of the HIMSS Privacy and Security Task Force. In healthcare, that number stands at around 85 percent, with 92 percent of that number saying personal mobile devices are in use multiple times every day.
Group foots $800K bill for HIPAA breach
By Erin McCann | 11:03 am | June 24, 2014
As myriad healthcare organizations have attested, the aftermath of a HIPAA violation generally isn't a pretty sight, especially when it comes to one's bank account. One Indiana-based health system has witnessed this reality after being slapped with an $800,000 settlement for violating the HIPAA Privacy Rule.
Feds begin HIPAA probe in Cincinnati
By Evan Schuman | 10:49 am | June 24, 2014
The U.S. Department of Health & Human Services has launched a federal probe into HIPAA privacy violations at the University of Cincinnati Medical Center, according to an HHS spokesperson.
Lessening the blow of cyberattacks
By Erin McCann | 12:03 pm | June 23, 2014
Data attacks on healthcare organizations have increased a whopping 100 percent from just four years ago, a reality that has chief security and information officers in a dash to stay ahead of the data protection curve.
Breach response tips from the experts
By Erin McCann | 11:48 am | June 20, 2014
Some 90 percent of healthcare organizations have reported at least one data breach in the past two years, with more than a third seeing more than five breaches. Gerry Hinkley, partner at Pillsbury Winthrop Shaw Pittman's healthcare practice, says breach response is where many make major missteps, mistakes that can easily be avoided.
iOS changes will address HIPAA risk
By Evan Schuman | 11:13 am | June 16, 2014
Imagine if almost everyone walking into your hospital -- patients, doctors, visitors, salespeople -- was carrying an active homing beacon, which broadcast, unencrypted, their presence and repeatedly updated exact location to anyone who chose to listen.
Security tips from the health IT pros
By Erin McCann | 11:06 am | June 13, 2014
As anyone who's ever worked for IT security can attest, the job is no walk in the park. New threats, compliance mandates, vulnerabilities and updates are constant. But with strong leadership, and a culture of compliance and responsibility to match, many healthcare organizations have shown it can be done right -- and well.
ONC chief privacy officer to step down
By Diana Manos | 12:25 pm | June 12, 2014
After nearly five years at the Office of the National Coordinator for Health IT, Chief Privacy Officer Joy Pritts will be leaving her post later this summer.