Ellysa Gonzalez reports: The Lubbock Cardiology Clinic bought an advertisement on the Lubbock Avalanche-Journal website to announce a security breach in its Electronic Health Record system. The advertisement reads, “To the patients of Lubbock Cardiology Clinic, it is with regret that I must inform you of an unauthorized access into the HER (sic) containing our…
Category: Uncategorized
Clinical Reference Laboratory notifying some insurance applicants that personal information was lost in the mail.
Clinical Reference Laboratory is notifying individuals who applied for insurance with Nationwide Mutual Insurance Company that some of their personal information may have been lost in the mail. On April 9, CRL wrote that invoices for their services were sent to Nationwide on February 6 with applicants’ names, dates of birth, last four digits of…
Medical Privacy: Digital Technology Can Leave Your Health History Exposed
From EFF: The digitization of medical records is being pitched to the public as a way to revolutionize healthcare. But rapid technological innovation and lagging privacy laws are leaving patients – and their most sensitive information – vulnerable to exposure and abuse, especially in this age of “big data.” The Electronic Frontier Foundation (EFF) is…
Heartbleed Bug Endangers Medical Data, Internet as a Whole
So far, I’m not seeing much coverage of the Heartbleed bug and the security of patient information, although the Heartbleed crypto bug may be the biggest security news/threat of the year. Chris Wiltz writes: A bug has been discovered by security solutions provider Codenomicon Defensics and Google Security that would allow hackers to access a…
Wyndham's motion to dismiss FTC data security complaint denied
One of the cases I’ve been covering on this blog is LabMD‘s challenge to the FTC’s authority to enforce data security in the health care sector. In its recently filed complaint in federal court in Georgia, LabMD raises some of the same issues raised by Wyndham in federal court in New Jersey, including the issue…
Helping Entities Implement Privacy and Security Protections Medscape Programs
HHS has recently added another training module to its offerings. The latest is on EHRs and HIPAA: OCR has six educational programs for health care providers on compliance with various aspects of the HIPAA Privacy and Security Rules. Each of these programs is available with free Continuing Medical Education (CME) credits for physicians and Continuing…