Tag Archives: announce

Massachusetts General Hospital Settles Potential #HIPAA Violations

The General Hospital Corporation and Massachusetts General Physicians Organization Inc. (Mass General) has agreed to pay the U.S. government $1,000,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule, the U.S. Department of Health and Human Services (HHS) announced today.

via Insurance News – Massachusetts General Hospital Settles Potential HIPAA Violations.

HHS Levies Civil Penalty for HIPAA Privacy Rule Violation – iHealthBeat

On Tuesday, the HHS Office for Civil Rights announced that it has issued its first-ever civil penalty for HIPAA privacy rule violations, the Washington Post reports.OCR fined Cignet Health — a health center based in Maryland — $4.3 million for failing to provide copies of medical records to 41 patients who requested them from September 2008 to October 2009

via HHS Levies Civil Penalty for HIPAA Privacy Rule Violation – iHealthBeat.

Dell To Acquire Secureworks

Dell today announced it has signed a definitive agreement to acquire SecureWorks® Inc., a globally recognized provider of information-security services. SecureWorks’ industry leading Security-as-a-Service solutions include Managed-Security Services, Security and Risk Consulting Services and Threat Intelligence. The acquisition expands Dell’s global IT-as-a-Service offerings and information security expertise.

via Dell To Acquire Secureworks | Dell.

Amazon Web Services achieves Level 1 PCI compliance

Amazon Web Services LLC AWS, a subsidiary of Amazon.com recently announced it has achieved Level 1 compliance with the Payment Card Industry PCI Data Security Standard DSS. Merchants and other service providers can now run their applications on AWS PCI-compliant technology infrastructure to store, process and transmit credit card information in the cloud. Customers can use AWS cloud infrastructure

via InformationWeek – Cloud Computing – Amazon Web Services achieves Level 1 PCI compliance.

Google wins email, apps contract with U.S. GSA | ZDNet

Over the summer, the company launched Google Apps for Government and announced that it had received FISMA (Federal Information Security Management Act) certification, which allowed it to store sensitive, yet unclassified, information, which makes up about 80 percent of all government data.

via Google wins email, apps contract with U.S. GSA | ZDNet.

Visa offers new guidance on securing payment applications – Computerworld

Visa on Tuesday announced a set of security best practices for vendors of payment applications and for the systems integrators and resellers responsible for implementing and managing them.

The guidelines are designed to address continuing vulnerabilities in the payment chain stemming from insecure implementations of the applications that are used in credit and debit card transactions, according to Eduardo Perez, Visa’s head of global payment system security.

via Visa offers new guidance on securing payment applications – Computerworld.

Visa Provides Guidance on Secure Implementation and Management of Payment Applications — SAN FRANCISCO, Aug. 24 /PRNewswire/ —

Visa today announced global industry best practices for payment application vendors, integrators and resellers that implement, install or manage payment-related systems on behalf of merchants. The best practices developed by Visa in collaboration with the SANS Institute are designed to complement the Payment Card Industry (PCI) Payment Application Data Security Standard (PA-DSS).

via Visa Provides Guidance on Secure Implementation and Management of Payment Applications — SAN FRANCISCO, Aug. 24 /PRNewswire/ —.

Healthcare Breaches Spin Out Of Control

If the past week is any indication and I’m afraid it is, health care companies are doing an abysmal job at protecting personal health care data.This evening the Colorado Department of Health Care Policy and Financing announced that state officials discovered an unauthorized removal of a computer hard drive from the state’s Office of Information Technology Department: The information did NOT include addresses, dates of birth, social security numbers or any other financial information that could be used for identity theft. It included name, state ID number and the name of the client’s program. Approximately 111,000 clients, or one-fifth of those receiving public health insurance, will receive notification by first-class mail, as required by HIPAA.

via Healthcare Breaches Spin Out Of Control – Security Blog – InformationWeek.

Connecticut AG reaches agreement with Health Net over data breach

Connecticut Attorney General Richard Blumenthal has announced that his office has reached a settlement with health insurance company Health Net over a failure to secure patient information on almost a half-million state enrollees, and subsequent failure to promptly notify consumers about the breach. The settlement involves Health Net of the Northeast Inc., Health Net of Connecticut Inc., and parent companies UnitedHealth Group Inc. and Oxford Health Plans.

via DOTmed.com – Connecticut AG reaches agreement with Health Net over data breach.