ePHI

UPDATE: Risks beyond ARRA, HITECH and HIPAA: PHI = $1,000 per individual = $4.9 Billion charge to TriCare

This is an example of a “hole” allowing unencrypted backup tapes to leave the facility and led to one of the largest ePHI breaches in history. Had they a solid HIPAA Risk Analysis covering encryption and ePHI disclosure policies, this breach would not had been a breach.  Or shown due diligence to help convince the judge …

UPDATE: Risks beyond ARRA, HITECH and HIPAA: PHI = $1,000 per individual = $4.9 Billion charge to TriCare Read More »

Stanford University Hospital breach – UPDATE – From $250K file to $2.1M

Earlier in September, 2011, Stanford University Hospital was fined $250K under HIPAA by the State of California.  As Stanford U.H. filed an appeal, they were served papers with a $20M lawsuit.    That is 20,000 (ePHI records) times $1,000 per record equals $20,000,000. http://www.healthdatamanagement.com/news/breach-hospital-notification-hipaa-privacy-43379-1.html?ET=healthdatamanagement:e2051:197714a:&st=email&utm_source=editorial&utm_medium=email&utm_campaign=HDM_Daily_101411 Per the article, “The lawsuit, seeking a $1,000 award for each affected patient, alleges violation of state law that …

Stanford University Hospital breach – UPDATE – From $250K file to $2.1M Read More »

Indiana University Health Data Breach Affects 3,000+

Ok my blog isn’t dedicated solely to reporting breaches but another breach hit the news. Here is a statement from Indiana University: http://medicine.iu.edu/research/clinical-trials/media-alert-faqs/ HIPAA Risk Analysis requires any PCs that move around (i.e. laptop) be encrypted. This is item #1 on risks using laptops with ePHI on them. Bitlocker anyone? A related article on the …

Indiana University Health Data Breach Affects 3,000+ Read More »

Scroll to Top