Security Breaches

Why do security breaches happen? Is it lack of due diligence, theft, hacking or data loss? How can you prevent this from happening?


Comments (14)

jeff

What is the latest breach? Was it Citibank?

Jack

The University of California Hospital just got fined almost a Million … HIPAA OCR Threw the book at them.

Willful negligence.

jeff

I wonder what the largest fine has been. I also wonder when Hospitals are going to take this seriously…

jeff

HIPAA Violation… Welcome to Jail

Paul Pepala, 36, of Murrysville, pleaded guilty to one count of knowingly disclosing patient health information, which is a violation of the Health Insurance Portability and Accountability Act, commonly referred to as HIPAA. U.S. District Judge Maurice B. Cohill Jr. set sentencing for Oct. 20

Read more: Ex-UPMC Shadyside worker guilty of HIPPA violations – Pittsburgh Tribune-Review

http://www.pittsburghlive.com/x/pittsburghtrib/news/pittsburgh/s_744722.html#ixzz1RWyDVrD3

Larry

Hypothetically, can I be held accountable if my laptop gets stolen and I am just a worker bee and my Hospital did not tell me that I could not take my laptop home?

Mike

Well at a minimum don’t be using that laptop for any personal business. Don’t load anything on to it from a USB. I agree with Jeff on the acceptable use policy. Ask your HR dept for your file. Sometimes documents come out and people sign them without reading. The long and short of it is I wouldn’t want to be the person scrutinized for losing a laptop with patient information on it.

Another question, is the hard drive encrypted?

jeff

I am not a lawyer, but since you were not told that you couldn’t take it home, then you can take it home. Did you sign an acceptable use policy?

jeff

What about this new spam on blog pages… What is the best Spam Blocker?

Jeff Jones

Ever since we started using our spam blog blocker service, we have no weirdos putting strange things on our website. Ask me who it is?

Jeff Jones

Who will get hacked next? It will happen to someone who is not doing their job… The issue is that the whole thing can be reasonably avoided, because 90 Percent of these things are an inside job or client side exploit, meaning someone clicks on a webpage, port 80 and then boom, you take over their machines. Set up a Virtual Tunnel and go for it. Or, someone takes an unencrypted hard drive home and it gets stolen.

Jeff Jones

Hey, I got one: what will the next major hacking incident be?

A. Someone takes an unencrypted hard drive home and it gets stolen.

B. Someone inside steals data and resells it to make some cash

C. An Outside Exploit through an unpatched or old or crappy firewall

D. All of the above

E. None of the above

F. B & C

_____________________________

My vote would be A. I’ll keep tabs on this and report in later.

Jeff Jones

Here’s a really big issue in Healthcare right now. Hospitals are trying to reach meaningful use but they say they are disregarding the Security and Privacy Aspects.

This is really confusing because of the Mandated Security Objective in Meaningful Use.

This is from the website: Healthcare IT News

http://www.healthcareitnews.com/news/security-takes-backseat-meaningful-use

“Eighty percent of respondents to a March 2011 Healthcare IT News survey of hospital and health system IT professionals showed that achieving meaningful use was top of mind – above privacy and security concerns.

Only 38 percent of those who completed the survey indicated they are in the process of enterprise-wide adoption of secure EHRs.

The survey results confirm what Oracle and Deloitte, who commissioned the survey, are seeing in the marketplace, attendees were told at a healthcare session at Oracle OpenWorld Conference last month.
While meaningful use is very important, privacy and security are down on the priority list, partly as a result of limited resources and competing requirements, said Russell Jones, partner at Deloitte & Touche LLP, in the session Secure EHRs: Achieving ‘Meaningful Use’ Compliance and Preventing Data Theft and Fraud.”

Jeff Jones

Tennessee BC and BS just had a breach of 1 Million Records. They had to pay 1.5 Million Dollars in Fines to the Federal Government.

Someone broke into a Blue Cross training center in Chattanooga and stole 57 hard drives storing unencrypted information on about 1 million BlueCross members.

Cause of breach: simple theft. They forgot to lock the doors. The question is what was this information doing there?
