HIPAA Laptop Encryption: Second Coordinated Health Data Breach In 30 Days.

Why is PHI encryption recommended by the HHS, Office for Civil Rights, HIPAA experts, and just people in general?  It’s because encryption software can act as a safety net for unforeseen data breaches, as the following story shows. Coordinated Health, a network of hospitals that has seventeen locations all over Pennsylvania, has announced a second […] read more

Data Breaches: UK ICO Declines To Investigate Supposed Santander Email Breach.

The Information Commissioner’s Office in the United Kingdom has declined to investigate Santander, the Spanish banking group, for a purported data breach.  According to theregister.co.uk, people who’ve set up emails that are strictly used for correspondence with Santander are being spammed with junk mail, lending credence to the theory that the bank’s database was breached. […] read more

Kentucky Data Breach Law Signed.

The number of US states that haven’t signed a data protection law has dropped to three.  According to pogowasright.org, the state of Kentucky is the latest state to sign a bill that is aimed at protecting personal data of Kentuckians.  Like many similar state laws, the use of data encryption provides safe harbor from reporting […] read more

HIPAA Security: Don’t Decrypt Data Before You Destroy It?.

HIPAA experts know that there are only two ways to obtain safe harbor for PHI: encrypt it or destroy it.  Seeing how it’s hard to work with destroyed data, most opt to use PHI encryption software to protect their patients’ sensitive information from unauthorized access. However, the rules also clearly state that any data that […] read more

Cost of a Data Breach: MCCCD Data Breach Could Cost Up To $17.1 Million.

The Maricopa County Community College District (MCCCD) data breach has, in some respects, been one of the more controversial data breaches of 2013.  The district didn’t notify people affected by the breach until seven months after they found out about the intrusion.  Furthermore, they only found out about it when the FBI had contacted them. […] read more

HIPAA PHI Encryption vs. Safes: Kmart Burglary Breaches Pharmacy Data.

One of the puzzling aspects of HIPAA Security Rules is that the use of HIPAA data encryption is not a requirement.  Rather, it’s classified as an “addressable” issue.  This means that PHI encryption is “optional” in the sense that you can opt to use something else that’s as good as encryption. In other words, you’ve […] read more