By Jeffrey Jones
Security Breaches
June 22, 2011

Why do security breaches happen? Is it lack of due diligence, theft, hacking or data loss? How can you prevent this from happening?

Comments (14)

jeff June 24, 2011 at 5:26 pm
What is the latest breach? Was it Citibank?

Jack July 8, 2011 at 12:03 pm
The University of California Hospital just got fined almost a Million … HIPAA OCR Threw the book at them. Willful negligence.

jeff July 8, 2011 at 12:05 pm
I wonder what the largest fine has been. I also wonder when Hospitals are going to take this seriously…

jeff July 8, 2011 at 12:11 pm
HIPAA Violation… Welcome to Jail
Paul Pepala, 36, of Murrysville, pleaded guilty to one count of knowingly disclosing patient health information, which is a violation of the Health Insurance Portability and Accountability Act, commonly referred to as HIPAA. U.S. District Judge Maurice B. Cohill Jr. set sentencing for Oct. 20
Read more: Ex-UPMC Shadyside worker guilty of HIPPA violations – Pittsburgh Tribune-Review http://www.pittsburghlive.com/x/pittsburghtrib/news/pittsburgh/s_744722.html#ixzz1RWyDVrD3

Larry July 8, 2011 at 12:17 pm
Hypothetically, can I be held accountable if my laptop gets stolen and I am just a worker bee and my Hospital did not tell me that I could not take my laptop home?

Mike September 22, 2011 at 12:19 pm
Well, at a minimum don’t be using that laptop for any personal business. Don’t load anything on to it from a USB. I agree with Jeff on the acceptable use policy. Ask your HR dept for your file. Sometimes documents come out and people sign them without reading. The long and short of it is I wouldn’t want to be the person scrutinized for losing a laptop with patient information on it. Another question, is the hard drive encrypted?

jeff July 8, 2011 at 12:20 pm
I am not a lawyer, but since you were not told that you couldn’t take it home, then you can take it home. Did you sign an acceptable use policy?

jeff September 9, 2011 at 1:39 pm
What about this new spam on blog pages… What is the best Spam Blocker?

Jeff Jones September 29, 2011 at 10:09 am
Ever since we started using our spam blog blocker service, we have no weirdos putting strange things on our website. Ask me who it is?

Jeff Jones November 9, 2011 at 3:09 pm
Who will get hacked next? It will happen to someone who is not doing their job… The issue is that the whole thing can be reasonably avoided, because 90 Percent of these things are an inside job or client side exploit, meaning someone clicks on a webpage, port 80 and then boom, you take over their machines. Set up a Virtual Tunnel and go for it. Or, someone takes an unencrypted hard drive home and it gets stolen.

Jeff Jones November 9, 2011 at 3:14 pm
Hey, I got one. What will the next major hacking incident be:
A. Someone takes an unencrypted hard drive home and it gets stolen.
B. Someone inside steals data and resells it to make some cash
C. An Outside Exploit through an unpatched or old or crappy firewall
D. All of the above
E. None of the above
F. B & C
_____________________________
My vote would be A, I’ll keep tabs on this and report in later

Jeff Jones November 10, 2011 at 10:24 am
Here’s a really big issue in Healthcare right now. Hospitals are trying to reach meaningful use but they say they are disregarding the Security and Privacy Aspects. This is really confusing because of the Mandated Security Objective in Meaningful Use. This is from the website: Healthcare IT News http://www.healthcareitnews.com/news/security-takes-backseat-meaningful-use

“Eighty percent of respondents to a March 2011 Healthcare IT News survey of hospital and health system IT professionals showed that achieving meaningful use was top of mind – above privacy and security concerns. Only 38 percent of those who completed the survey indicated they are in the process of enterprise-wide adoption of secure EHRs.

The survey results confirm what Oracle and Deloitte, who commissioned the survey, are seeing in the marketplace, attendees were told at a healthcare session at Oracle OpenWorld Conference last month. While meaningful use is very important, privacy and security are down on the priority list, partly as a result of limited resources and competing requirements, said Russell Jones, partner at Deloitte & Touche LLP, in the session Secure EHRs: Achieving ‘Meaningful Use’ Compliance and Preventing Data Theft and Fraud.”

Jeff Jones March 15, 2012 at 4:12 pm
Tennessee BC and BS just had a breach of 1 Million Records. They had to pay 1.5 Million Dollars in Fines to the Federal Government. Someone broke into a Blue Cross training center in Chattanooga and stole 57 hard drives storing unencrypted information on about 1 million BlueCross members. Cause of breach: simple theft. They forgot to lock the doors. The question is what was this information doing there?