Blog Posts Tagged with "Healthcare"

C787d4daae33f0e155e00c614f07b0ee

Information Security as the Doctor of the Enterprise

September 05, 2011 Added by:Robb Reck

Aren’t we in information security playing exactly the same role in our organizations that our doctor’s play in our healthcare? We evaluate, diagnose, and treat our patients, just like our doctors do for us. But our evaluations are called risk assessments instead of checkups...

Comments  (1)

959779642e6e758563e80b5d83150a9f

Medical Device Security in a Hospital Network

July 28, 2011 Added by:Danny Lieberman

Developing for embedded Linux is not copy and paste from Windows. It requires expertise to setup the basic infrastructure. But, once that infrastructure is up, the medical device developer and it’s hospital customer can be confident that they are standing on a secure platform...

Comments  (2)

10e258c8d23d441b915c1b2333b6996a

Privacy and Security Policies: A HIPAA-HITECH Checklist

July 24, 2011 Added by:Jack Anderson

"An important component of preparing for a potential HIPAA compliance audit is to complete a walk-through to make sure privacy and security policies and procedures are practical and effective..."

Comments  (0)

16443e0c6f6e4a400fd0164b3c406170

Patient Data: The Crown Jewels

July 21, 2011 Added by:Christopher Burgess

When the first five months provides a rate of one million records a month in lost patient data, by year’s end five percent of the US population will have had their medical records compromised. We have no choice but to take action now and keep the second half of 2011 from replicating the first...

Comments  (0)

65be44ae7088566069cc3bef454174a7

UCLA Health System Pays $865K to Settle HIPAA Violations

July 10, 2011 Added by:Rebecca Herold

“Covered entities need to realize that HIPAA privacy protections are real and OCR vigorously enforces those protections. Entities will be held accountable for employees who access protected health information to satisfy their own personal curiosity..."

Comments  (0)

959779642e6e758563e80b5d83150a9f

Ban Windows from Embedded Medical Devices

June 24, 2011 Added by:Danny Lieberman

The combination of large numbers of software vulnerabilities, user lock in created by integrating applications with Windows, complexity of Microsoft products and their code and Microsoft predatory trade practices are diametrically different than Linux and the FOSS movement...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA-HITECH Compliance: Two Free Webinars

June 16, 2011 Added by:Jack Anderson

We have scheduled two new free webinars on HIPAA HITECH for Smarties. These webinars feature a presentation by Rebecca Herold,CIPP, CISSP, CISA, CISM, FLMI, recently voted the 3rd best privacy advisor in the world, in competition with large law firms and consulting practices...

Comments  (0)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Find Out Who Has Accessed Your Health Records

June 07, 2011 Added by:David Navetta

Access reports would include the date and time of access, and the name of the individual or entity accessing an individual’s health information. Additionally, an access report would include a description of the information that was accessed and of the action taken by the user...

Comments  (0)

65be44ae7088566069cc3bef454174a7

HHS: HIPAA Privacy Rule Accounting of Disclosures

June 01, 2011 Added by:Rebecca Herold

Covered entities and business associates would need to account for disclosures of PHI in electronic health records that are part of a designated record set for treatment, payment and health care operations in addition to the existing requirements for accounting for access to PHI...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA HITECH Breach by a Small Practice: Actual Experience

May 17, 2011 Added by:Jack Anderson

A HIPAA HITECH breach caused by an office burglary resulted in a letter from OCR demanding a large amount of information in a very short time frame. Below are actual quotes from the OCR letter that are as scary as an IRS audit letter...

Comments  (0)

959779642e6e758563e80b5d83150a9f

Threats to Personal Health Information

May 14, 2011 Added by:Danny Lieberman

Humans are naturally curious and always worried when it comes to the health condition of friends and family. HIPAA risk and compliance assessments at hospitals in Israel, the US and Australia consistently show that the number one attack vector on PHI is friends and family, not hackers...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA HITECH Compliance: No Substitute for Experience

May 03, 2011 Added by:Jack Anderson

Whether you are a large enterprise looking to manage hundreds of internal business units, a business associate looking to provide proof of compliance, or a very small sub-contractor, a comprehensive privacy and information security program is needed to meet HIPAA HITECH compliance...

Comments  (2)

65be44ae7088566069cc3bef454174a7

Physician Learns A Hard PHI Lesson

April 20, 2011 Added by:Rebecca Herold

What is important to point out about this case is that the doctor described the patient’s injuries in such a way that an unauthorized third party would be able to identify the person described, even though the doctor did not include any of the 18 specifically-named PHI items...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA-HITECH Compliance Free Webinar Series

April 12, 2011 Added by:Jack Anderson

We held the first HIPAA-HITECH Compliance webinar on April 6 with gratifying results. A smart, interested group registered, attended, and asked great questions. This has encouraged us to continue the series. Space is limited for these FREE webinars, so reserve your seat now...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Health Net Incident Impacts 1.9 Million: Lessons Learned

April 07, 2011 Added by:Rebecca Herold

Health Net is clearly stating that IBM is responsible for the breach. Guess what? When you outsource business activities to a third party, you do not outsource your responsibility. What was Health Net doing to ensure, on an ongoing basis, that IBM had appropriate safeguards in place?

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

Disruptive Innovation in HIPAA HITECH Compliance

April 01, 2011 Added by:Jack Anderson

Healthcare needs disruptive innovation. HIPAA HITECH provides an opportunity to profoundly change information security and privacy by bringing millions of new participants into the picture. HHS estimates that 1-2 million business associates need to become HIPAA HITECH compliant...

Comments  (0)

Page « < 2 - 3 - 4 - 5 - 6 > »