The End of Innocence?

Posted by on May 14, 2013 in HIPAA Headlines | 0 comments

The MED in Memphis, which is a the regional medical center in Memphis, TN is notifying 1,200 patients of a PHI breach. This breach is has been classified as an “innocent employee mistake“, in which 3 un-secure emails were sent with attachments that contain PHI. This goes right to my email soap box speech. I will give the shortened version of it now: Never should anyone in your office say they are going to email anything that contains PHI.  The term email and PHI should never be used together. Instead the term used should...

read more

One eMail is Not Enough

Posted by on Jul 18, 2011 in HIPAA Headlines | 0 comments

Remember that TV show Eight is Enough? Ah those were the days. Life was simple; there were only 3 TV channels. The internet…wasn’t. The Atari 2600 might have existed at this point, I really don’t remember.  Pong was definitely around. Today things are drastically different With the government pushing medical practices to go electronic, there are a whole slew of requirements that are popping up. I can hear the grumbling now: “This doesn’t make any sense”  “Why would they ever require that?” “This is the dumbest...

read more

Secure Email is Not

Posted by on Jan 20, 2011 in HIPAA Headlines | 0 comments

I don’t do “told you so” moments. I do learn from incidents. Now, let’s learn: Indianapolis, Indiana:  St. Vincent Hospital, Nov. 12, 2010 approximately 1,800 patient’s PHI was revealed to third parties. Read the disclosure announcement here. What happened? The hospital apparently has a secure email system. On November 12, 2010 some “hospital employees unintentionally revealed their email login information to third parties.” From here, the “third parties” were able to access  PHI...

read more

Ban Facebook From Your Office

Posted by on Dec 6, 2010 in HIPAA Headlines | 0 comments

At the most basic level, why any business would want their employees to have access to a time waster is beyond me. Back in “the day”, when windows was young, there was a time waster included (it still is) called solitaire. Time Waster Larger businesses have their IT folks remove solitaire from the computers. Why?  Because it is a time waster. So, concerned business person…how do you feel about your staff playing solitaire during the work day? That just doesn’t make much sense, does it? Hire people to play solitaire? How...

read more

HIPAA Compliant Email Encryption

Posted by on Apr 16, 2010 in HIPAA Headlines | 0 comments

There is a lot of talk about this lately…HIPAA compliant email. First, you need to realize, standard email is NOT a secure method of transmitting ePHI. Most private practices don’t have secure email. Many hospitals do. Should you have it? My argument is no. Why not? There really is no reason for it. A hospital may be able to make the argument, and justify the risk, of a secure email system. Most private practices just shouldn’t bother. The first thing one needs to realize is, even if you have a secure email system at...

read more