After releasing the HIPAA One Security Risk Analysis, we received exceptional feedback on the product and how much our clients appreciated the simplicity and automation provided by the product. We have been committed to expanding our solutions and add products to be “all things HIPAA”. With the launch of the Privacy Risk Analysis, we now …
This is an example of a “hole” allowing unencrypted backup tapes to leave the facility and led to one of the largest ePHI breaches in history. Had they a solid HIPAA Risk Analysis covering encryption and ePHI disclosure policies, this breach would not had been a breach. Or shown due diligence to help convince the judge …
Earlier in September, 2011, Stanford University Hospital was fined $250K under HIPAA by the State of California. As Stanford U.H. filed an appeal, they were served papers with a $20M lawsuit. That is 20,000 (ePHI records) times $1,000 per record equals $20,000,000. http://www.healthdatamanagement.com/news/breach-hospital-notification-hipaa-privacy-43379-1.html?ET=healthdatamanagement:e2051:197714a:&st=email&utm_source=editorial&utm_medium=email&utm_campaign=HDM_Daily_101411 Per the article, “The lawsuit, seeking a $1,000 award for each affected patient, alleges violation of state law that …
Stanford University Hospital breach – UPDATE – From $250K file to $2.1M Read More »
Ok my blog isn’t dedicated solely to reporting breaches but another breach hit the news. Here is a statement from Indiana University: http://medicine.iu.edu/research/clinical-trials/media-alert-faqs/ HIPAA Risk Analysis requires any PCs that move around (i.e. laptop) be encrypted. This is item #1 on risks using laptops with ePHI on them. Bitlocker anyone? A related article on the …
Indiana University Health Data Breach Affects 3,000+ Read More »