HIPAA Whistleblowers

in HIPAA Headlines by John Brewer Leave a comment

Just like in any profession, there is a desire by the government to have whistle-blowers. A whistle-blower makes the job of policing much easier for the government. The whistle-blower will get job protection (if they want to stay on) and typically a percentage of any fines.  Remember, HIPAA fines can be huge! Let’s take a Read More

Emory Data Breach, Same Old Excuses

in HIPAA Headlines by John Brewer Leave a comment

Does anyone know the #1 reason for a PHI data breach? That’s right, a lost or stolen storage device that is not encrypted. Follow on question: what is the only Safe Harbor for a lost or stolen storage device? Encryption! So, the worst offender is an un-encrypted storage device, yet one of the easiest things Read More

My PHI Breach Part 1

in HIPAA Headlines by John Brewer Leave a comment

It is not unusual for me to rant here about the ridiculous level of recklessness the medical community has for our PHI. Specifically, the easiest thing to point out, as it happens all the time, is the “theft” (or loss) of a portable storage device. For those keeping score, a portable storage device is anything Read More

Sutter Breach Notes

in HIPAA Headlines by John Brewer Leave a comment

As I’ve preached before, if you are going to store PHI on a mobile device (laptop, external hard drive, etc), you better make sure that you encrypt the hard drive. Typically, I am less concerned about desktop PC’s and servers as, you should have proper physical security systems in place. The recent Sutter Medical Foundation Read More

Do as I say, not as I…Oops!

in HIPAA Headlines by John Brewer Leave a comment

Take a look at a list of PHI breaches and there are a few items that stand out: Many are at the hands of a contractor Most are portable storage device losses or theft (this includes tapes, laptops, etc) Lots are at big government entities One of the goals of HIPAA regulations is to give Read More