Easy is Usually Not Secure

in HIPAA Headlines by John Brewer Leave a comment

I’m really going to talk about Dropbox and the recent security issue they had, but before that I want to illustrate something. When I speak with medical offices about reducing the risk of a PHI breach I generally hear lots of frustration on the other side. I get it. Let’s look at this from a Read More

Social Engineering

in HIPAA Headlines by John Brewer Leave a comment

Most computer infections, network break-ins and “hack” jobs are accomplished using a thing called Social Engineering. The Collins English Dictionary defines Social Engineering as: the manipulation of the social position and function of individuals in order to manage change in a society. I define social engineering as: tricking people to get them to do what Read More

The End of Innocence?

in HIPAA Headlines by John Brewer Leave a comment

The MED in Memphis, which is a the regional medical center in Memphis, TN is notifying 1,200 patients of a PHI breach. This breach is has been classified as an “innocent employee mistake“, in which 3 un-secure emails were sent with attachments that contain PHI. This goes right to my email soap box speech. I Read More

Shredding Shenanagins

in HIPAA Headlines by John Brewer Leave a comment

Shredding is an “old school” issue. It doesn’t matter if you have an EHR or not. And as we all know, even with an EHR, that “paper-less office” is far from paper-less. Shredding is becoming an issue. A few months back a member of the cleaning crew stole records that were sitting in the shred Read More

The Big Breaches

in HIPAA Headlines by John Brewer Leave a comment

Go Utah Go! Utah Medicaid confirmed that on January 15, 2012 they had a data breach of 6,000 beneficiaries. 10 months earlier, data on 780,000 people was stolen from the same agency. Then in November of 2012, Utah’s state insurance exchange was hacked with a “graffiti attack”. Why do we hear mostly about these huge Read More