September 8, 2016

Nearly 20M Patients Affected This Summer After Huge Month of PHI Breaches

The number of breached records reported in August totals an unsettling 8,804,608. While this total does not exceed the staggering 11 million records we reported in June, it once again demonstrates that PHI breaches continue to be a huge problem for a wide array of institutions.  Even more troubling, one breach reported this month began in 2008, taking more than eight years to be publicly reported.

The Protenus Breach Barometer is a monthly snapshot of reported or disclosed breaches impacting the healthcare industry, with data compiled and provided by DataBreaches.net.

Sign-up to be one of the first to receive our Breach Barometer each month.

Continue Reading
September 7, 2016

How the HIPAA Security Rule Can Guide a Proactive Security Posture

Being HIPAA-compliant has been a hot topic among healthcare organizations ever since HHS published the HIPAA Security Rule on February 20, 2003. The Security Rule established the standards a healthcare organization had to meet in order to comply with rules set in place to better protect patient privacy. The sad truth is, however, that many organizations do not meet these standards, and now, with healthcare data breaches on the rise, it is more important than ever for organizations to take proactive measures to protect the privacy of their patients.

Download the Protenus Privacy Primer to view the full spectrum of privacy postures in healthcare today and see how your organization is stacking up.

Continue Reading
September 1, 2016

VIPs and Presidential Candidates' Medical Records Face Heightened Privacy Vulnerabilities

Earlier this year, Jackson Memorial Hospital fired two employees for inappropriately accessing Giants defensive end Jason Pierre-Paul’s medical records. The two employees sold the information in the VIP’s record to ESPN’s Adam Schefter. Schefter, who has 5.19 million Twitter followers, tweeted the records while Pierre-Paul had surgery on his right index finger. Pierre-Paul sued ESPN and the NFL for violating his privacy under HIPAA, and in August, a judge ruled that Pierre-Paul could move forward with his lawsuit. This summer, the major-party U.S. Presidential candidates are facing scrutiny over their health records and history. They are under pressure to refute false claims and respond to amateur diagnoses circulating via various media outlets.

Continue Reading
August 24, 2016

Cost of a Healthcare Data Breach: Lawsuits

Imagine the following scenario: a celebrity is visiting your hospital after suffering a minor injury. One of your employees lets curiosity get the better of him and accesses the celebrity’s electronic health records (EHRs) without authorization. A protracted lawsuit follows, this cost of a healthcare data breach can cost months of time and hundreds of thousands of dollars. The media covers the scandal extensively, costing your organization even more by giving it bad publicity and driving customers away.

Continue Reading
August 17, 2016

Cost of a Breach: Forensics and Notification

Continuing our Cost of a Breach series that examines and breaks down the cost of a hospital data breach, this week’s post will take a closer look at the first two steps a hospital or healthcare institution must take after a data breach has occurred: forensics and notification. In the aftermath of a data breach, the first thing a healthcare organization must do is determine what electronic health records (EHRs) were illegitimately accessed and who accessed them; this process is known as data forensics. Once the scope of the breach is known, an institution must then notify any affected patients and provide them with specific support services.

Continue Reading

Receive the latest article to your inbox