HIPAA

Google's after your health data with 'Google Fit' service

Google's reportedly about to jump into the growing fitness data marketplace - a mosh pit that consumer advocates are already calling a privacy nightmare - to wrestle with Apple and Samsung for the data getting created by fitness trackers and health-related apps.

Medical centre staff post woman's STD diagnosis on Facebook

Medical centre staff post woman's syphilis diagnosis on Facebook

A woman whose medical record was posted to a Facebook group named "Team No Hoes" is suing the University of Cincinnati Medical Center, two employees and a former boyfriend who allegedly talked the healthcare workers into posting the screenshot.

Hollywood hospital fires six for snooping into patient records

Hollywood glamour hospital fires six for snooping into patient records

The employees, who worked at Cedars-Sinai in Los Angeles, used doctors' logins (which they shouldn't have given out in the first place) to access patient data without authorization. If private information about celebrities is this irresistible (which it's proved to be), hospitals and doctors have to further tighten down their security.

Some US states strengthen data breach notification laws, others ignore them

Vermont and North Dakota have recently bolstered their data breach notification laws to cover more organizations and additional types of personal information. Meanwhile Michigan lost 49,000 people's names, birth dates and cancer screening records and claims they aren't protected information.

Medical group fined $140K for tossing patients' health records into public dump

Medical diagnoses for cancer patients, names and Social Security numbers all went into the trash, unredacted and unshredded, probably in a very misguided effort to save a few bucks on proper record destruction.

State of Alaska fined $1.7 million for lax security protecting health records

The State of Alaska has been fined $1.7 million after losing a hard disk that may have contained electronic health records. The investigation by HHS into the loss led them to discover systemic security problems within the state.

Doctors shouldn't buddy up with patients on Facebook or Twitter, hospitals warn

Hospitals, worried about lack of professionalism and inadvertent leaking of confidential data, are warning doctors not to set up relationships with patients on Facebook and Twitter.

SSCC 85 - FAA, Carberp arrests, RDP vulnerability and first HITECH fine

In this week's episode John Shier joins Chet to discuss the review of electronic device usage on airplanes by the FAA, the arrests of the Carberp malware authors, the worm danger from the MS12-020 RDP vulnerability and whether the time has come for encrypting more than just laptops and USB drives.

US health insurer fined $1.5m over 2009 data breach

All healthcare providers and insurers need to know the onus is on them when it comes to training and securing personal information.

Stanford Hospital leaks 20,000 patient records

Stanford hospital lost 20,000 sensitive records through a mistake made by a third party billing company. When will our electronic health records be properly safeguarded?

SSCC 50 - Windows 7 SP1, OddJob Trojan, HIPAA fines and erasing SSDs

Chet Chat 50 features Tony Ross talking with Chet about Windows 7 SP1, a new banking Trojan, HIPAA and the difficulty of securely disposing of Solid State Disks.

HIPAA fines prove the value of data protection

This week the US Department of Health and Human Services levied the first fines under the HIPAA act. Now that they have proven they mean business, other health care organizations need to be sure they have the proper protections in place.