Tags » Breach Notification

Breaches, Breaches, Everywhere

It often seems as though a day does not go by without the report of a new breach of healthcare data. Examples of breaches include loss of unencrypted devices (whether laptops, flash drives or other devices), usage of non-secure services, inattention to paper records, employee snooping, and more. 746 more words

Compliance

Employee Retaining Stored Patient List on Personal Laptop Triggers Data Breach Obligation

An employee of East Bay Perinatal Medical Associates in Oakland, CA, retained on his personal laptop, a patient list that he had prepared as part of his job. 99 more words

Data Breach

Employee Viewing Information Without Authorization Triggers Data Breach Notification Obligation for Credit Union

An employee of Golden State Credit Union viewed member account information, containing Personally Identifiable Information (PII), without having the requisite authority to view such accounts. This action — alone — was sufficient to trigger the notification requirement of the California data breach notification law, at great expense and frustration for the Credit Union, which offered credit monitoring services to those affected. 51 more words

Data Breach

Why every CIO needs a cybersecurity attorney (my comments on why this is my favorite article ever)

Wow, this article seriously just made my day.

I will apologize in advance to my friend and CSO writer and Michael Santarcangelo (@catalyst), but this may very well be my favorite article — anywhere — of all time! 686 more words

Data Breach

5 steps to respond to a security breach

Is your organisation equipped to deal with potential financial and reputational damage following an attack? 

Has your organisation established an incident management plan that covers data breaches? 1,105 more words

Brian Pennington

When a Breach Isn't a Breach: Understand HIPAA Rules

A hospital in Arkansas recently learned the lesson of the nuances contained within the HIPAA Privacy Rule.  There are many uses and disclosures identified in the Privacy Rule that permit actions that would otherwise appear to be a breach. 489 more words

Compliance

The Cloud is Good, But Know Where Data Go

A recent settlement announcement from the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) highlights the need to evaluate web-based applications and storage solutions.   568 more words

Compliance