Rachel King reports: Computer-security researchers have discovered on a website documents that could allow hackers easily to obtain electronic medical records and payment information from health-care providers. The documents—found by two cybersecurity firms on a site commonly used by hackers—detail the type of equipment used in computer networks, the Internet addresses for computers and other…
Month: February 2014
AU: NT government proposes identify theft, card skimming penalties
Computerworld Australia staff report: Proposed amendments to the Northern Territory’s Criminal Code would make it an offence to collect and store identification details about another person for the purposes of identity theft. Under current legislation, a person who obtains someone else’s ID details can’t be prosecuted until they commit a crime. Speaking in the NT…
Breaches: Avoiding Legal Woes
Marianne Kolbasuk McGee interviewed David Navetta of InformationLawGroup on how covered entities can avoid legal woes related to breaches and the significance of a recent settlement between Kaiser and the California Attorney General’s Office. You can listen to the interview on HealthcareInfoSecurity.com. It’s important for covered entities to remember that although HIPAA may allow you…
Coalition complains to OCR about Dignity Health's use of patient information
Steven Slivka of the Las Vegas Review-Journal reported on an OCR complaint last week. According to Slivka, the Nevada Health Services Coalition filed a complaint against Dignity Health, the owner of St. Rose Dominican Hospitals, alleging improper use of patient information. The caption for the accompanying photo, which appears to be misleading or just erroneous, says, “The…
Employee’s Unauthorized Texting of Confidential Health Information May Impose Employer Liability
Jeffrey M. Schlossberg writes about the Doe v. Guthrie Clinic case and lawsuit discussed previously on this blog. When does a medical clinic’s employee’s unauthorized texting of patient confidential health information result in liability to the clinic? The answer; it depends. In Doe v. Guthrie Clinic, Ltd., the Second Circuit Court of Appeals dismissed a patient’s claim against…
Triple-S Salud fined $6.8M for HIPAA breach (updated)
Caribbean Business reports that Triple-S Salud has been fined nearly $6.8 million for violations of the federal Health Insurance Portability & Accountability Act (HIPAA). Triple-S Salud is a licensee of Blue Cross Blue Shield of Puerto Rico and handles managed care for Medicare enrollees. The penalty handed down by the Puerto Rico government’s Medical Insurance Administration…