Privacy & Security

HIPAA breach is bad news for 729,000
By Erin McCann | 08:37 am | October 23, 2013
Despite the revamped federal HIPAA Omnibus Rule which holds covered entities and business associates more accountable for failing to adequately protect patients' health information, some groups continue to make the same old avoidable mistakes.
Obama calls IT support for ailing site
By Mike Miliard | 12:06 pm | October 21, 2013
Three weeks after the disastrous launch of its health insurance marketplace, the Obama administration has vowed to redouble its efforts to fix its many glitches, promising a 'tech surge' to iron out its problems and improve the customer experience.
Hospital Facebook post leads to ID theft
By Erin McCann | 11:58 am | October 21, 2013
An Arizona hospital is facing scrutiny after one of its employees posted a workplace photo on Facebook, inadvertently including the protected health information and Social Security number of a patient.
Court ruling sparks patient privacy talk
By Erin McCann | 11:51 am | October 18, 2013
A recent court decision ruling that a HIPAA-covered entity was not liable for losing a hard drive containing patients' protected health information could have big implications for future cases in the realm of privacy and security.
New HIPAA rule could change BAA talks
By Mike Miliard | 12:19 pm | October 17, 2013
With an onus now on vendors to keep hosted data secure, that can make business associate agreements trickier than ever to negotiate as hospitals try to protect patient information and IT companies try to shield themselves from risk. Four providers offer tips from the trenches on getting the language right.
Lack of encryption brings breach blunder
By Erin McCann | 12:03 pm | October 16, 2013
Device encryption may seem like a fairly straightforward undertaking, but it's proven to be one HIPAA-covered entities and business associates frequently forgo -- much to their chagrin down the road, when they're notifying individuals of a privacy breach involving unencrypted personal data.
CIOs push for patient ID progress
By Neil Versel | 11:36 am | October 15, 2013
The patient identification issue refuses to go away, mainly because nobody has quite figured out how to assure proper patient identity in health information exchange. At the CHIME Fall CIO Forum in Phoenix, some leading hospital CIOs emphasized the importance of accurate patient matching.
VA remains one of top privacy offenders
By Erin McCann | 12:02 pm | October 14, 2013
The Department of Veterans Affairs continues to be one of the biggest offenders of HIPAA privacy and security rules and has reported egregious breaches in recent years, affecting millions of veterans and active service members.
What happened to Healthcare.gov?
By Mike Miliard | 12:02 pm | October 11, 2013
It's been almost two weeks since Obamacare's federal insurance exchange website went live, was inundated with traffic, went weird, was taken down for maintenance, then came back online still filled with glitches. Why did such a crucial site fail at such a critical moment? And what are the lessons that can be learned?
Breach has group using encryption
By Erin McCann | 11:39 am | October 10, 2013
A Tennessee-based healthcare provider is notifying thousands of patients that their protected health information has been compromised following a privacy breach due to unencryption. The incident has prompted the hospital to move its records to an encrypted cloud-based server.