Recent News

Northwestern Medicine Sued Over Medical Information Disclosure on Twitter

Northwestern Medicine Regional Medical Group is being sued by a patient whose sensitive medial information was disclosed on Twitter and Facebook. Gina Graziano discovered some of her sensitive medical information had been disclosed on social media websites and contacted Northwestern Medicine to...

Database of New Jersey Healthcare Provider Found to be Leaking Patient Data

Another unsecured healthcare database has been discovered which contains an estimated 37,000 records. The discovery was made on March 1, 2019 by security researcher Jeremiah Fowler. A brief analysis of the database appeared to show the records belonged to the New Jersey healthcare provider, Home...

Potentially Massive Breach of Protected Health Information Discovered

Sacramento, CA-based medical software provider Meditab Software Inc., and it’s San Juan, PR-based affiliate, MedPharm Services have suffered a massive breach of protected health information. Meditab provides electronic medical record (EMR) and practice management software to hospitals,...

Is DocuSign HIPAA Compliant?

Can DocuSign be used by healthcare organizations in connection with electronic protected health information (ePHI) without violating HIPAA Rules? Is DocuSign HIPAA compliant? DocuSign is a San Francisco-based provider of electronic signature technology and transaction management services. Via...

February 2019 Healthcare Data Breach Report

Healthcare data breaches continued to be reported at a rate of more than one a day in February. February saw 32 healthcare data breaches reported, one fewer than January. The number of reported breaches may have fell by 3%, but February’s breaches were far more severe. More than 2.11 million...

  • Healthcare Data Privacy
  • Healthcare Data Security
  • Healthcare Information Technology
  • HIPAA Breach News
  • HIPAA Compliance News
  • HIPAA News
  • HIPAA News for Small and Mid-Sized Practices
  • HIPAA Updates

February 2019 Healthcare Data Breach Report

Healthcare data breaches continued to be reported at a rate of more than one a day in February. February saw 32 healthcare data breaches reported, one fewer than January. The number of reported breaches may have fell by 3%, but February’s breaches were far more severe. More than 2.11 million...

Lawmakers Propose Florida Biometric Information Privacy Act

Senator Gary Farmer (D-FL) and Representative Bobby DuBose (D-FL) have proposed new bills (SB 1270 /HB 1153) that require all private entities to obtain written consent from consumers prior to collecting or using their biometric data. The Florida Biometric Information Privacy Act is similar to the...

25% of Healthcare Organizations Have Experienced a Mobile Security Breach in Past 12 Months

The Verizon Mobile Security Index 2019 report indicates 25% of healthcare organizations have experienced a security breach involving a mobile device in the past 12 months. All businesses face similar risks from mobile devices, but healthcare organizations appear to be addressing risks better than...

February 2019 Healthcare Data Breach Report

Healthcare data breaches continued to be reported at a rate of more than one a day in February. February saw 32 healthcare data breaches reported, one fewer than January. The number of reported breaches may have fell by 3%, but February’s breaches were far more severe. More than 2.11 million...

Internet of Things Improvement Act Requires Minimum Security Standards for IoT Devices

U.S. Sens. Mark R. Warner (D-VA) and Cory Gardner (R-CO), co-chairs of the Senate Cybersecurity Caucus, and Sens. Maggie Hassan (D-NH) and Steve Daines (R-MT) have introduced The Internet of Things Improvement Act, which requires all IoT devices purchased by the U.S. government to meet...

Study Confirms Healthcare Employees Are Susceptible to Phishing Attacks

The healthcare industry is being targeted by cybercriminals and phishing is one of the most common ways that they gain access to healthcare networks and sensitive data. The number of successful phishing attacks on healthcare institutions is a serious concern. At HIMSS19, OCR highlighted email as...

Internet of Things Improvement Act Requires Minimum Security Standards for IoT Devices

U.S. Sens. Mark R. Warner (D-VA) and Cory Gardner (R-CO), co-chairs of the Senate Cybersecurity Caucus, and Sens. Maggie Hassan (D-NH) and Steve Daines (R-MT) have introduced The Internet of Things Improvement Act, which requires all IoT devices purchased by the U.S. government to meet...

Is Microsoft Teams HIPAA Compliant?

Microsoft Teams is a popular communications platform used by many businesses to communicate more effectively, but can the solution be used in healthcare? Is Microsoft Teams HIPAA compliant? Microsoft Teams is a unified communication platform that includes workplace chat, video meetings, and file...

Workplace Safety Survey Shows Communication Issues are Placing Employees at Risk

Framingham, MA-based Rave Mobile Safety has published the results of its annual workplace safety and preparedness survey. The report shows that while preparedness for emergency is better than in 2017, there is still considerable room for improvement, especially in healthcare and education. The...

Northwestern Medicine Sued Over Medical Information Disclosure on Twitter

Northwestern Medicine Regional Medical Group is being sued by a patient whose sensitive medial information was disclosed on Twitter and Facebook. Gina Graziano discovered some of her sensitive medical information had been disclosed on social media websites and contacted Northwestern Medicine to...

Database of New Jersey Healthcare Provider Found to be Leaking Patient Data

Another unsecured healthcare database has been discovered which contains an estimated 37,000 records. The discovery was made on March 1, 2019 by security researcher Jeremiah Fowler. A brief analysis of the database appeared to show the records belonged to the New Jersey healthcare provider, Home...

Potentially Massive Breach of Protected Health Information Discovered

Sacramento, CA-based medical software provider Meditab Software Inc., and it’s San Juan, PR-based affiliate, MedPharm Services have suffered a massive breach of protected health information. Meditab provides electronic medical record (EMR) and practice management software to hospitals,...

Northwestern Medicine Sued Over Medical Information Disclosure on Twitter

Northwestern Medicine Regional Medical Group is being sued by a patient whose sensitive medial information was disclosed on Twitter and Facebook. Gina Graziano discovered some of her sensitive medical information had been disclosed on social media websites and contacted Northwestern Medicine to...

Is DocuSign HIPAA Compliant?

Can DocuSign be used by healthcare organizations in connection with electronic protected health information (ePHI) without violating HIPAA Rules? Is DocuSign HIPAA compliant? DocuSign is a San Francisco-based provider of electronic signature technology and transaction management services. Via...

February 2019 Healthcare Data Breach Report

Healthcare data breaches continued to be reported at a rate of more than one a day in February. February saw 32 healthcare data breaches reported, one fewer than January. The number of reported breaches may have fell by 3%, but February’s breaches were far more severe. More than 2.11 million...

February 2019 Healthcare Data Breach Report

Healthcare data breaches continued to be reported at a rate of more than one a day in February. February saw 32 healthcare data breaches reported, one fewer than January. The number of reported breaches may have fell by 3%, but February’s breaches were far more severe. More than 2.11 million...

New HIPAA Regulations in 2019

While there were expected to be some 2018 HIPAA updates, the wheels of change move slowly. OCR has been considering HIPAA updates in 2018 although it is likely to take until the middle of 2019 before any proposed HIPAA updates in 2018 are signed into law. Further, the Trump Administration’s...

Healthcare Associations Call for Safe Harbor for Breached Entities That Have Adopted Cybersecurity Best Practices

Several healthcare associations have requested a safe harbor for healthcare organizations that would prevent OCR and state attorneys general from issuing financial penalties for breaches of protected health information if the breached entity has met certain standards for safeguarding protected...

OCR Encourages Healthcare Organizations to Conduct a Gap Analysis

In its April 2018 cybersecurity newsletter, OCR draws attention to the benefits of performing a gap analysis in addition to a risk analysis. The latter is required to identify risks and vulnerabilities that could potentially be exploited to gain access to ePHI, while a gap analysis helps healthcare...

How to Defend Against Insider Threats in Healthcare

One of the biggest data security challenges is how to defend against insider threats in healthcare. Insiders are responsible for more healthcare data breaches than hackers, making the industry unique. Verizon’s Protected Health Information Data Breach Report highlights the extent of the problem....

Former Berkeley Medical Center Worker Gets 5 Years’ Probation for Identity Theft

In federal court on Monday, Chief U.S. District Judge Gina M. Groh sentenced a former Berkeley Medical Center worker to 5 years’ probation for her role in an identity theft scam. In addition to probation, Angela Dawn Roberts, 42, of Stephenson, VA, must pay $22,000 in restitution. Angela Dawn...

OCR Issues Request for Information on Potential Updates to HIPAA Rules to Improve Data Sharing

The Department of Health and Human Services’ Office for Civil Rights (OCR) has issued a request for information (RFI) seeking comments from the public on potential modifications to Health Insurance Portability and Accountability Act (HIPAA) Rules to promote coordinated, value-based...

AMIA and AHIMA Call for Changes to HIPAA to Improve Access and Portability of Health Data

The American Medical Informatics Association (AMIA) and the American Health Information Management Association (AHIMA) have called for changes to HIPAA to be made to improve patients’ access to their health information, make health data more portable, and to better protect health data in the app...

Do HIPAA Rules Create Barriers That Prevent Information Sharing?

The HHS has drafted a Request for Information (RFI) to discover how HIPAA Rules are hampering patient information sharing and are making it difficult for healthcare providers to coordinate patient care. HHS wants comments from the public and healthcare industry stakeholders on any provisions of...