A recent comparative study completed on mobile phone users on both sides of the Atlantic has shown the differences and similarities in opinions about the security of mobile phones and the data they carry. The survey, operated by iReach Insights for Inhance...

The largest ever financial penalty for violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules has been issued this by the Office for Civil Rights (OCR) of the HHS issue. The data breach was happened when a...

The Office for Civil Rights (OCR) has revealed that it is to restart HIPAA compliance audit program this fall. Phase 2 will include 350 compliance audits which will be carried out on healthcare providers, healthcare clearing houses and health plans, along with 50 more...

Carrying out an in depth risk assessment is a requirement under the HIPAA Security Rule; however it can be a complex process calling for all potential security weaknesses to be identified. The process can be a major task for any organization, especially when the...

A recent announcement from the Ponemon Institute has shown the serious threat cyber attacks pose the healthcare industry and should serve as a warning that security must be improved. The cost to the industry is massive. Data breaches are estimated to cost the...

The Office for Civil Rights of the Department of Health and Human Services is moving closer to commencing the next round of HIPAA compliance audits issuing a notice in the Federal Register stating its intention to begin a series 1,200 pre-audit surveys. The OCR is...

A new data security report issud by healthcare IT security firm Redspin suggests the number of data breaches made known to the U.S. Department of Health and Human Services has increased by 138% over the course of the past year. The final figures could yet be even...

All covered entities must  submit annual reports of HIPAA breaches to the U.S Department of Health and Human Services and the deadline for filing 2013 breaches is coming quickly. While there is a requirement under the Breach Notification Rule for healthcare...

Windows XP will no longer be HIPAA or meaningful use compliant in six weeks on some or all workstations,  so there is a deadline of April 8 for organizations to migrate to a new OS as Windows XP of face possible penalties for breaching HIPAA. Any organization using...

The Health Information Trust Alliance (HITRUST) has revealed that version seven of the HITRUST Common Security Framework (CSF) – due to be issed later this month – will include a number of new privacy controls. HITRUST was set up in 2007 with the aim of helping the...

President Obama is increasing up efforts to minimize gun violence; however some legal obstacles remain and the HIPAA Privacy Rule is currently obstructing the reporting of important information to the National Criminal Background Check System. The NCBC allows gun...

A new HIPAA security breach has been discovered in Virginia involving 919 patients from the Riverside Health System which runs five hospitals in the Southeast Virginia area. The data violation did not involve tens of thousands of patients although the security breach...

The a stolen laptop computer from a healthcare supplier belonging to Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, Inc. (MEEI) has lad to a settlement of $1.5 million with the HHS Office for Civil Rights for HIPAA breaches. The U.S....

The Office for Civil Rights and the Office of the National Coordinator have both recently provided guidelines and tips which healthcare professionals can use to ensure that their devices are made secure and ePHI is properly safe. The advice has been issued on...

Experian credit bureau has released a new report that predicts that 2014 will see a surge in  data breaches. The report also foresees that the healthcare industry will most targeted. The report says that the reason healthcare is so attractive to hackers is the sheer...

On 26th September, Lori Stein attended Cotton-O’Neil Diabetes and Endocrinology Center in Topeka and met with an endocrinologist for an appointment. Lori Stein´s checkup was standard in order to monitor her diabetes, but during her consultation she inquired if she...

Healthcare organizations and their business client are facing fines for non-compliance following the introduction of new regulations which secure the privacy of patients and the security of their personal information. The Omnibus Final Rule was passed earlier this...

Many healthcare groups were unwilling to implement the use Google Apps because under the new HIPAA rules, Google would have to sign a Business Associate agreement; something the internet giant had not completed. Google has now agreed to remove this obstacle and sign a...

The Privacy Rule amended the Health Insurance Portability and Accountability Act of 1996 to give people better controls over how their medical history can be used and disclosed to third parties. The Rule now prevents the disclosure or use of patient PHI for the...

The passing of the Omnibus Rule extended HIPAA’s reach to include business associates of HIPAA-covered bodies and requires them to comply with the same set of standards as the healthcare organizations with which they work. Business Associates are defined as any...

Advocate Health Care, one of the nation’s biggest healthcare suppliers, has announced that it has experienced a major HIPAA security breach after four unencrypted laptops were illegally taken from the Advocate Medical Group administrative buildings in Park Ridge,...

In a recent report from Spyglass Consulting, it is not just doctors who are signing up to medical BYOD schemes; nurses too are now registering and 69% of those polled said they bring their own mobile device to work with them. Mobile devices are not permitted to be...

Cedars-Sinai Hospital in Los Angeles was selected by reality TV star Kim Kardashian and Rapper Kayne West as the hospital to have their daughter delivered. Their baby was born on June 15th, but three days later some staff members started looking at the medical records...

L.A Times has published an article which has revealed that a sequence of events has run which has now lead to in Shasta Regional Medical Center (SRMC) agreeing to a settlement of $275,000 for its breaches of the Health Insurance Portability and Accountability Act...

The accidental disclosure of electronic Protected Health Information stored on one of Idaho State University's servers has led to the Department of Health and Human Services’ Office for Civil Rights has issuing a large fine. The University discovered that a server...

Mobile devices being stolen may be one of the main causes of HIPAA breaches, although human mistakes can easily lead to patient health data being accessible, with Dent Neurologic the latest healthcare group to suffer a major HIPAA breach due to the actions of a member...

Raleigh Orthopedic Clinic arranged for its X-ray films to be brought up to date and converted to digital media, the healthcare organization sought external assistance from a third party vendor. After locating a supplier that could offer the service and the selected...

The Office for Civil Rights (OCR) of the HHS has issued the largest ever financial penalty, $4.8m, for a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. The data breach happpened when a computer server...

Protected Health Information can easily be accessed by an unauthorized personnel if a document is left in a photocopier after copies have been made; however digital photocopiers can expose the personal health data of hundreds of thousands of people. When copies of...

A New York identity thief who stole the medical information of almost 1000 patients and committed $10.7 million in Medicare fraud has been found guilty of HIPAA violations by a New York federal court and given a 12-year sentence in a federal penitentiary. Over a...