Category Archives: HIPAA

More than 6M affected since HIPAA breach notification rule

Electronically protected health information (ePHI) has become a target for malicious attack, according to a recent report by Redspin, Inc., a provider of HIPAA risk analysis and IT security assessment services. The report was conducted between August 2009, when the HITECH breach notification interim final rule (IFR) went into effect, and the end of 2010.

via Report: More than 6M affected since breach notification rule.

NIST to Offer HIPAA Toolkit – cost $720K

Exeter Government Services of Gaithersburg, Md., will develop the toolkit under a contract valued at $720,000. The application will be posted on the NIST website when it’s completed. The federal economic stimulus package provided funding for the project.

via NIST to Offer HIPAA Toolkit.

Cost of regulatory security compliance? On average, $3.5M – CSO Online – Security and Risk

The cost of achieving regulatory security compliance is on average $3.5 million each year, according to a survey of 160 individuals leading the IT, privacy and audit efforts at 46 multinational organizations.

via Cost of regulatory security compliance? On average, $3.5M – CSO Online – Security and Risk.

Health insurers try to ‘humanize’ themselves via Facebook, Twitter – FierceHealthIT

... They may respond to the complaints of plan members in a general way, but if they want to respond in detail, a plan staffer may phone the patient to avoid violating HIPAA prohibitions against revealing patient information in public.

via Health insurers try to ‘humanize’ themselves via Facebook, Twitter – FierceHealthIT.

Health Net Fined $55K for Data Breach

Health insurance giant Health Net has been fined by the state of Vermont over the insurer’s loss of a portable disk drive that exposed the protected health information (PHI) of 1.5 million people, including 525 Vermonters.

via Health Net Fined $55K for Data Breach.

More Patients Meeting With Doctors Via Web Programs Such as Skype

Physicians using webcams to consult with patients soon could see significant obstacles, as state laws likely will grow more restrictive as technology advances, according to Capistrant.

Physicians must be licensed in the state where their practice is located and in any state where they see patients through videoconferencing. However, Capistrant said that some states have agreements with others to accommodate doctors who see patients across state lines.

In addition, Capistrant said doctors must make sure their communication with patients meets HIPAA security requirements.

via More Patients Meeting With Doctors Via Web Programs Such as Skype – iHealthBeat.

Compliance violations on TV

“Grey’s Anatomy” placed second, with 7 violations per episode, including an incident in which Meredith (Ellen Pompeo) shares patient info with someone not authorized to receive it. That is a HIPAA violation.

via 30 Rock is Biggest Ethics Violator on TV | WorstPreviews.com.

Regulatory compliance hogs security pros’ attention

One out of every two IT security professionals spends 50% of the work week on regulatory compliance initiatives, according to a new survey.

via Regulatory compliance hogs security pros’ attention.

200 Breaches Impacting Almost 5.9 Million Individuals, with Theft and Loss of Laptops and PEDs Major Cause

As of today’s posting by OCR on its Website, there were 200 breaches involving 5,887,170 individuals that had been reported by covered entities. The dates of these breaches ranged from September 22, 2009 to October 17, 2010.

via HIPAA.com – 200 Breaches Impacting Almost 5.9 Million Individuals, with Theft and Loss of Laptops and PEDs Major Cause.

OCR: Data Breaches Double Since July

The number of entities reporting breaches of unsecured protected health information (PHI) affecting 500 or more individuals is close to reaching the 200 mark.

via OCR: Data Breaches Double Since July.