Data loss is the top cybersecurity threat (32 percent) among respondents to a survey from technology services provider CDW.
The South Carolina Department of Health and Human Services discovered this month that a Medicaid employee inappropriately transferred personal information for 228,435 Medicaid beneficiaries to their personal email account, constituting a violation of agency policy.
A class action lawsuit has been filed against St. Joseph Health System of Orange, Calif., in light of a year-long patient data glitch.
The role of privacy officer has changed since it was mandated in 2003 by HIPAA. New regulations, technology and data-sharing initiatives have reshaped the landscape, according to Chris Dimick, staff writer for
Journal of AHIMA, who outlined the new role of the privacy officer in the April edition.
Memorial Healthcare System in Hollywood, Fla., is notifying patients of a data breach affecting patients' health information.
Human error remains the greatest threat to data security across the healthcare industry, according to an April report from Healthcare Information and Management Systems Society (HIMSS) Analytics.
The Utah Department of Technology Services (DTS) notified the Utah Department of Health (UDOH) of an information breach on a DTS server that houses Medicaid claims this week. The initial breach appears to have taken place on Friday, March 30. During the breach, information was accessed from approximately 24,000 claims.
Washington, D.C.-based Howard University Hospital has sent a letter to 34,503 patients informing them of a potential disclosure of protected health information that occurred in late January.
The Federal Trade Commission (FTC) has issued a final report setting forth best practices for businesses to protect the privacy of U.S. consumers and give them greater control over the collection and use of their personal data.
Negligent insiders are the top cause of data breaches but malicious attacks are 25 percent more costly, according to the findings of the "2011 Cost of Data Breach Study: United States," published by Symantec and the Ponemon Institute.
Georgia Health Sciences University has notified 513 patients about the theft of a laptop computer that may have contained some of their personal information.
As adoption rates rise, health IT makes protected health information (PHI) available to more organizations and entities, increasing the likelihood of data being improperly disclosed, lost or stolen. Despite the risks and costs of a potential data breach, many healthcare executives aren’t doing enough to support their organizations’ security efforts, but researchers from the American National Standards Institute (ANSI) believe they’d do more if the far-reaching consequences of a breach were more clearly outlined.
On Dec. 5, 2011, Metro Community Provider Network in Englewood, Colo., became aware that a hacker potentially accessed the personal health information of approximately 2,000 patients.
A total of 385 breaches of protected health information (PHI) affecting over 19 million records have been reported since the August 2009 interim final breach notification regulation was issued as a part of the HITECH Act.
Lexington Clinic, a multispecialty group in Lexington, Ky., is notifying 1,018 patients of a privacy data breach, as a laptop was stolen from the group’s neurology department on Dec. 7, 2011.
In 2010, the healthcare community accounted for only 1 percent of the 761 data breaches examined in a January 2011 report on data security published by communications company Verizon--which is a decrease from the previous year.
This month, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) will commence performing HIPAA audits for a new pilot that will use the audit program to assess HIPAA compliance efforts by a range of covered entities.
During a home invasion, an external computer hard drive that contained some personal information on 16,288 University of California Los Angeles (UCLA) Health System patients was stolen.
A class action complaint has been filed against Stanford Hospitals and Clinics for the unlawful disclosure of confidential medication information obtained from patients on a public website.
A purported class action lawsuit was filed against Stanford Hospital & Clinics (SHC) and outside vendor Multi-Specialty Collection Services (MSCS) on grounds that MSCS caused some confidential information about patients who visited Stanford Hospital’s emergency room to be posted on a website. “SHC intends to vigorously defend the lawsuit that has been filed as it acted appropriately and did not violate the law as claimed in the lawsuit,” an Oct. 3 statement from the Stanford, Calif.-based provider stated.
