Meanwhile, back in the world of future breaches, a court seemingly decides that it’s okay to go ahead and purchase technology to produce national ID cards that might produce substandard and insecure cards: The High Court on Tuesday held that implementation of a multipurpose national identity card scheme will be subject to the final outcome…
Category: Uncategorized
Editorial: Drug database access needs tight controls
I recently noted that sheriffs in North Carolina want access to a database containing records of those taking painkillers. Here’s an editorial from a NC paper, the News & Observer: Policing abuse is a growing challenge requiring the cooperation of the medical community and law enforcement, with the state establishing reasonable parameters that will ensure…
Clarifying CT's new Insurance Bulletin reporting requirement
The new bulletin from the Connecticut Insurance Commission, mentioned here, had left me a tad confused, so I wrote to them: Re the definition of a security incident: “The Department considers an information security incident to be any unauthorized acquisition or transfer of, or access to, personal health, financial, or personal information, whether or not…
OK: New law prevents storage of newborn blood samples
Mark Schlachtenhaufen reports: Most states do not inform parents of the retention and research use of newborn blood spot samples, according to the Indiana Center for Bioethics. However, a new Oklahoma law, Senate Bill 1250, authored by state Sen. Jonathan Nichols, R-Norman, prohibits any medical facility from storing or using infant DNA for research without…
GAO: Stronger Safeguards Needed for Contractor Access to Sensitive Information
Elizabeth Montalbano reports: Some federal agencies that deal with highly sensitive data are not adequately protecting it from contract workers, a new Government Accountability Office (GAO) report found. The Departments of Defense (DoD), Homeland Security (DHS), and Health and Human Services (HHS) have some guidance and contract provisions in place for what data contractors can…
AHIMA Files Response to HHS Privacy Rules
Press release from AHIMA: “While AHIMA continues to applaud federal government support for the ideal of protecting patients’ health information rights, the proposed rule-making for HIPAA privacy, security and enforcement by HHS has a number of requirements that we do not believe the industry is ready to undertake; especially as it gears up for Meaningful…