Let’s just say if your laptop has access to confidential patient information, it might make sense to have your i’s dotted and your t’s crossed when it comes to laptop security. MSPmentor reported this week that a Pennsylvania provider was fined $2.5 million dollars when a laptop containing patient information was stolen and hacked into, causing their second data breach. The first breach occurred in 2012 and little information was released. Make sure your IT security is doing everything they can to protect all of your patients on all of your devices. For the full article visit MSP Mentor’s website here.
While engaging in a psych appointment with Leia, Doc Vader frankly discusses his opinions regarding nursing staff ratios. Everyone needs an occasional HIPPA joke in their life. Click below to watch the video.
MSP Mentor recently posted an article stating a network of public health clinics in the Denver, Colorado have been fined $400,000 for HIPAA data breaches. The breaches occurred through phishing (aka email hacking), gaining electronic health records of over 3,000 patients.
“Investigators from the U.S. Department of Health and Human Services Office of Civil Rights (OCR) found that MCPN violated the HIPAA Security Rule by failing to do proper risk assessments or implement adequate cybersecurity measures and procedures.” To view the entire article, visit here.
CSO Online published an article discussing the “10 Security Risks of Wearables”. The article presents an informative breakdown of the security risks wearables potentially bring into the work environment.
“IT should treat wearables like any other computing device on their network, Manzuik says. ‘When possible, consider segregating IoT devices to their own network and don’t connect them directly to the internet.’ Because some IoT devices have ‘a history of poor security,’ organizations should keep these devices on a dedicated network that doesn’t provide any access to internal resources, such as a guest Wi-Fi network…”
To read the full article on CSO Online’s website click here.
E Commerce Times recently posted an article titled, “Why are Health Records so Valuable to Cybercriminals?” The article describes why cybercriminals like to target electronic health records (EHR) and explains how HIPAA does, and at times does not, protect EHRs. To check out the full article visit: http://www.ecommercetimes.com/story/84417.html
If you have not yet had the pleasure of checking out Doc Vadar, the time has arrived. Darth Vadar finished med school and has become Doc Vadar. He brings an array of HIPAA jokes in the form of “dark humor”. In this episode he discusses Jabba the Hutt’s obesity by “not violating HIPAA”, but merely “telling you a FACT”.
According to Patient Engagement HIT, American Health Information Management Association (AHIMA) recently posted data guiding patients through the appropriate process of obtaining their medical records from their providers and navigating through HIPPA privacy regulations.
“Per HIPAA, patients may ask to view and obtain a copy of their health records, receive records in paper or electronic copies, and have records sent to another entity for treatment, billing, or operations purposes, explained Mary Butler, the author of the slideshow and associate editor of the Journal of AHIMA.
Patients can request medical record access at their practice’s health information management (HIM) department. They should come prepared with their photo ID and will be asked to sign a waiver verifying their identity.”
HIPAA Journal’s healthcare data breach report summary article for January 2017 shows that once again healthcare data breaches are up year-over-year.
January 2016 saw the lowest number of data breaches of any month in 2016 (21) and also the lowest number of records exposed of any month in the year (104,056 records). 2017 did not start nearly as well. While lower than the average monthly breaches for 2016 (37.5), January saw 31 healthcare data breaches disclosed. Those breaches resulted in the exposure of 388,307 patient and health plan member records.
The largest healthcare data breach of January 2017 affected CoPilot Provider Support Services, Inc. The breach impacted 220,000 individuals. However, the breach actually occurred in October 2015, with CoPilot discovering the incident two months later in December 2015. The Department of Health and Human Services’ Office for Civil Rights was only notified of the incident last month, well outside the 60-day deadline for reporting breaches.