HIPAA
Data breach prevention top of mind for healthcare IT decision makers (WTN News)
According to the survey, 80 percent of respondents say securing patient information from unauthorized access and data breaches is a top priority, and 76 percent claim breach of confidential information or unauthorized access to clinical applications as their greatest security concerns – so much so that 97 percent say that HIPAA and HITECH Act regulations [...]
Rite Aid Agrees to Pay $1 Million to Settle HIPAA Privacy Case – MarketWatch
The OCR, which enforces the HIPAA Privacy and Security Rules, opened its investigation of RAC after television media videotaped incidents in which pharmacies were shown to have disposed of prescriptions and labeled pill bottles containing individuals’ identifiable information in industrial trash containers that were accessible to the public. These incidents were reported as occurring in [...]
Healthcare Breaches Spin Out Of Control
If the past week is any indication and I’m afraid it is, health care companies are doing an abysmal job at protecting personal health care data.This evening the Colorado Department of Health Care Policy and Financing announced that state officials discovered an unauthorized removal of a computer hard drive from the state’s Office of Information [...]
Connecticut AG reaches agreement with Health Net over data breach
Connecticut Attorney General Richard Blumenthal has announced that his office has reached a settlement with health insurance company Health Net over a failure to secure patient information on almost a half-million state enrollees, and subsequent failure to promptly notify consumers about the breach. The settlement involves Health Net of the Northeast Inc., Health Net of [...]
13 essential steps to integrating control frameworks – CSO Online
# The organization must understand which frameworks or framework elements are needed to address, at a minimum, the critical security concerns. When addressing control requirements, more is not necessarily better, and each additional control entity represents an investment in time, money, and effort. # Choose a base framework to use. An organization should identify a [...]
HIPAA Rules Now Apply to PHRs
It’s not a new law, but it’s a tangible, short-term step toward protecting the privacy of patient data that travels online. To address loopholes in current patient privacy legislation, the Health and Human Services Department on Thursday proposed privacy rules that would apply to vendors of technology that transmit personal health data. via HIPAA Rules [...]
HHS Proposal covers chain of subcontractors – HIPAA
A key provision of the pending rules would make “downstream” healthcare subcontractors subject to HIPAA’s privacy and security requirements. HIPAA, as bolstered under the HITECH Act, already considers a health information exchange as a “business associate” of organizations covered by the law. Business associates are required to sign contacts that bind them to HIPAA.The proposed [...]
OMB Completes HIPAA Rules Review
The Office of Management and Budget (OMB) has finished its review of proposed rules related to changes to HIPAA privacy and security rules, meaning the rules could hit the streets this week. The OMB reports that it has concluded its regulatory review of the rules HHS sent in April. via OMB Completes HIPAA Rules Review.
Health Net of the Northeast will pay $250,000 in fines
Health Net of the Northeast will pay $250,000 in fines to Connecticut as part of a settlement regarding a lost or stolen hard-drive that contained medical records and personal information of 1.5 million people, including 446,000 in Connecticut. via Insurance Capital – News, Conversation and Links about Connecticut’s Insurance Industry.
5 at hospital Fired For Social Media Use #HIPAA
A California hospital will fire five employees and discipline another because they posted personal discussions concerning hospital patients using social media.An ongoing investigation at Tri-City Medical Center in Oceanside “has not yet identified any evidence that patient names, photographs, or similar identifying information was posted by these employees,” according to a statement from Larry Anderson, [...]
