Tag Archives: state

Health Net Fined $55K for Data Breach

Health insurance giant Health Net has been fined by the state of Vermont over the insurer’s loss of a portable disk drive that exposed the protected health information (PHI) of 1.5 million people, including 525 Vermonters.

via Health Net Fined $55K for Data Breach.

Cyber bill would reform FISMA, instate new DHS agency and appoint White House-level authority

A controversial Internet security bill proposed in 2010 by Sen. Joe Lieberman (I-Conn.) could yet become law in the current session of Congress, said Jeff Greene, counsel on the majority staff of the Senate Homeland Security and Governmental Affairs Committee.

via Cyber bill would reform FISMA, instate new DHS agency and appoint White House-level authority – FierceGovernmentIT.

More Patients Meeting With Doctors Via Web Programs Such as Skype

Physicians using webcams to consult with patients soon could see significant obstacles, as state laws likely will grow more restrictive as technology advances, according to Capistrant.

Physicians must be licensed in the state where their practice is located and in any state where they see patients through videoconferencing. However, Capistrant said that some states have agreements with others to accommodate doctors who see patients across state lines.

In addition, Capistrant said doctors must make sure their communication with patients meets HIPAA security requirements.

via More Patients Meeting With Doctors Via Web Programs Such as Skype – iHealthBeat.

Lost hard drive puts data on 280,000 Medicaid enrollees at risk – FierceHealthIT

The names, addresses and some health information of 280,000 Medicaid enrollees in Pennsylvania could be at risk after two affiliated managed care organizations reported the loss of a hard drive from a portable computer. The hard drive went missing in the corporate offices of either Philadelphia-based Keystone Mercy Health Plan or Harrisburg-based AmeriHealth Mercy Health Plan, the Philadelphia Inquirer reports. The two companies cover a total of 400,000 Medicaid patients in the state.

via Lost hard drive puts data on 280,000 Medicaid enrollees at risk – FierceHealthIT.

SAS 70 Is Dead!

Long live SSAE 16 and ISAE 3402!

One of the most misunderstood things about SAS 70 was the fact that it was technically only a valid auditing standard in the United States, even though SAS 70 reports are done for non-US based service providers and are relied upon by businesses and auditors worldwide.  However, on or before June 15, 2011, that will change.  As of that date, Statement on Standards for Attestation Engagements (SSAE) 16 and International Standards on Attestation Engagements (ISAE) 3402 will replace the venerable SAS 70.  SSAE 16 is issued by the American Institute of Certified Public Accountants (AICPA) and ISAE 3402 is issued by the International Federation of Accountants (IFAC).

via SAS 70 Is Dead! « PCI Guru.

Discover to get $5M from Heartland for ’08 data breach

Heartland Payment Systems has agreed to pay $5 million to Discover to settle claims arising from the massive data breach disclosed by the payment processor last year.

In a brief statement on Wednesday, the Princeton, N.J.-based Heartland said the settlement “resolves all issues” between the two companies stemming from the intrusion.

via Discover to get $5M from Heartland for ’08 data breach.

Hard Drives in Copy or Fax Machines are a HIPAA Risk | Supply Chain

While everyone is worried about stolen laptops or unauthorized access to computer files, who ever thought the hard drive in copying and fax machines could be a potential HIPAA violation?

Copy machines, fax machines and scanners now contain hard drives — like computer hard drives — that store images of all the pages of information that ever ran through the machines, according to the Baudino Law Group.

The Des Moines, Iowa, law firm said after a copy machine was disposed of by a New York-based managed care plan, the plan had to notify three state agencies, federal authorities and more than 400,000 members of a breach of protected health information under HIPAA.

via Hard Drives in Copy or Fax Machines are a HIPAA Risk | Supply Chain.