HIPAA Encryption: Indiana Medical Firm Data Breach Affects 230 Healthcare Organizations.

Last week, a Indiana medical firm saw a massive medical data breach that extended throughout the entire U.S.  Per online reports, possibly 4 million people in more than 230 hospitals and other healthcare organizations were affected by the breach, which occurred in May of this year. Hackers stole protected health information that included: “patients’ names, […] read more

HIPAA Data Breach: Medical Office Alerts Patients That Nothing Happened.

I’ve just run across a data breach notification that is a first of its kind: a data breach where the affected organization tells its clients (technically, patients) that nothing happened.  It’s like the Seinfeld show of data breaches.  The breach notification letter is about nothing.  Absolutely nothing.  Yet, there is something there. All kidding aside, […] read more

Medical Laptop Disk Encryption: Valley Community Healthcare Reports Stolen (Unencrypted) Laptop.

One of the worst US states in which to have a data breach, especially a medical data breach, is probably California: in addition to federal HIPAA regulations, California has shown itself to be quite aggressive when dealing with medical entities that experience a data breach.  Indeed, there’s some (valid) criticism that the CA Dept. of […] read more

Encryption vs. Cyberinsurance: One’s Risk Management, The Other’s Risk Transfer.

The Anthem data breach is turning out to be big not only in terms of number of people affected.  According to pymnts.com, quoting ft.com, Lloyd’s of London has stated that cyber attacks are “now too big for private insurance companies to handle” after details of Anthem’s hack were revealed.  This is another development that should […] read more

HIPAA Encryption: Anthem Didn’t Encrypt Data Stolen In Massive Hack.

The wsj.com points out in an article that Anthem Inc, the health insurer that recently announced a massive data breach potentially affecting 80 million people, did not use health data encryption to secure the data that was stolen.  It also points out that applying encryption can be a “balancing act between protecting the information and […] read more

HIPAA Breach Notification: About 30 Days Left To Notify HHS/OCR On Breaches Affecting Less Than 500.

One of the advantages of using encryption software, if you’re in the healthcare field, is that the loss of cryptographically secured sensitive data is given protection from HIPAA/HITECH’s Breach Notification Rules.  If not encrypted, you must notify the HHS’s Office for Civil Rights within 60 business days of discovering the data breach.  However, there is […] read more