720-891-1663

Health and Human Services Issues New Guidance on Ransomware

The U.S. Department of Health and Human Services Office of Civil Rights, the government entity that manages the privacy of health care information that you share with doctors and others, has issued new guidance on ransomware. While technically, it only applies to organizations that they regulate, in reality, almost everything they said applies equally to […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Failure To Follow Minimum Required Practices

I  have written several times about the fight between Cottage Health System and Columbia Casualty, a division of CNA Insurance. In 2013 Cottage’s systems were breached and the private information of thousands of patients was publicly disclosed.  Their insurance company paid $4.125 million for costs related to the breach, including a class action lawsuit. That […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Systema Leaves Insurance Claims Data In The Cloud – Unprotected

Databreaches is reporting that someone discovered a large amount of data on a public segment of Amazon Web Services.  This person, described as a technology enthusiast (i.e. a geek) downloaded some of this data and discovered it contained medical claims data. The repository, which supposedly contained gigabytes of data was later identified to belong to […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Office Of Civil Rights At HHS Starting Up Audits Again

The Office Of Civil Rights (OCR) has been pretty quiet these last couple of years regarding HIPAA audits, but that may be about to change. OCR’s staff is small, so they have hired a contractor, FCI,  according to the Federal Register. In an interview, deputy director Deven McGraw says that they will be starting up […]

Continue reading → [DISPLAY_ACURAX_ICONS]

The Cost Of Not Following The HIPAA Rules For One Firm – $750,000

Cancer Care Group, an Indianapolis based Oncology practice learned a lesson the hard way. They allowed an employee to have an unencrypted laptop and a server in his car, from which both computers were stolen. They discovered that the computers contained protected health information – social security numbers and insurance data for 55,000 patients. The […]

Continue reading → [DISPLAY_ACURAX_ICONS]