There is a great post over at Infosec Island regarding a letter that was received from the Office of Civil Rights (OCR) after a data breach that occurred at a small medical practice. The breach was the result of a burglary. No details were given on what was stolen or what kind of patient information...
It seems that at least twice a month we are hearing about a health care organization that has had a data breach because of a lost or stolen laptop. Every time I read about a new breach I shake my head and ask myself why aren’t these organizations using encryption to protect the contents on...
Medical practices are not only tasked with protecting their patients’ health but now are responsible for protecting their patients’ electronic information as well. Protecting data is probably something that most practice employees have not been trained to do nor are they familiar with best security practices. Data security is usually left to IT consultants who...
An article over at KevinMD.com on using Dropbox to store transcriptions has set off a lot of conversation on Twitter asking if Dropbox is HIPAA compliant. Let’s look at what the article references: www.dropbox.com Download the Dropbox software (free) and save files to your Dropbox in the cloud. Access Dropbox files from any computer with a web...
In what appears to be a reoccurring story, another hospital is notifying over 90,000 patients that their personal information has been breached. MidState Medical Center in Meriden, Conn., has notified around 93,000 patients that their information was stored on a USB drive and the drive is now lost. Information on the drive included names, addresses,...
One of the questions that I get asked a lot is: What does it take to be compliant with the HIPAA Security Rule? And when I start to answer the question, inevitably the person’s eyes glaze over. So to prevent your eyes from glazing over I will give the simple answer: A lot. OK, that...
Let’s work together! At HIPAA Secure Now! our main focus is on helping healthcare organizations become compliant with the HIPAA Security Rule and HITECH Act. We realize that we are only a piece of the puzzle. We can help with policies and procedures, a risk assessment and training but there is a lot more to...
As we work with more and more clients to help them comply with the HIPAA Security Rule, it is becoming clear that many people don’t fully understand HIPAA. The good news is that we can help them understand HIPAA and all the things that need to be done to comply with HIPAA and to protect...
The Health and Human Services’ Office of Civil Rights (OCR) has handed out over $5 million in HIPAA fines in the past 2 weeks. OCR has also stated that more HIPAA enforcement is coming. So now is a very good time to think about how you can avoid regulatory penalties and even more importantly, how...
OCR is serious about enforcement! That is a message that 3 officials from the U.S. Department of Health and Human Services’ Office for Civil Rights made clear as they presented at the 19th National HIPAA Summit. The 3 officials who presented (links below take you to their presentations [PDF]) were: Susan McAndrew – Deputy Director for...