Just like in any profession, there is a desire by the government to have whistle-blowers. A whistle-blower makes the job of policing much easier for the government. The whistle-blower will get job protection (if they want to stay on) and typically a percentage of any fines. Remember, HIPAA fines can be huge! Let’s take a Read More
Does anyone know the #1 reason for a PHI data breach? That’s right, a lost or stolen storage device that is not encrypted. Follow on question: what is the only Safe Harbor for a lost or stolen storage device? Encryption! So, the worst offender is an un-encrypted storage device, yet one of the easiest things Read More
It is not unusual for me to rant here about the ridiculous level of recklessness the medical community has for our PHI. Specifically, the easiest thing to point out, as it happens all the time, is the “theft” (or loss) of a portable storage device. For those keeping score, a portable storage device is anything Read More
As I’ve preached before, if you are going to store PHI on a mobile device (laptop, external hard drive, etc), you better make sure that you encrypt the hard drive. Typically, I am less concerned about desktop PC’s and servers as, you should have proper physical security systems in place. The recent Sutter Medical Foundation Read More
Take a look at a list of PHI breaches and there are a few items that stand out: Many are at the hands of a contractor Most are portable storage device losses or theft (this includes tapes, laptops, etc) Lots are at big government entities One of the goals of HIPAA regulations is to give Read More
Recent Comments