Yet Another Lost

in HIPAA Headlines by John Brewer Leave a comment

Laptop. Lost?  Stolen? Does it matter? No. Hurley Medical Center in Flint Michigan can’t find a laptop that had upwards of 2,000 patients on it. “The medical center has a policy that laptops must be password protected and have a tracking device…” Quick reminder – password protection doesn’t mean squat. You must encrypt! I am Read More

A Different Kind of Breach

in HIPAA Headlines by John Brewer Leave a comment

We are going to see over the next few years that, any time PHI is made available to someone other than the patient, it will be considered a breach. A perfect example if given to us by the BCBS of Florida as they accidentally sent some 3,500 monthly explanation of benefits statements out.  The problem Read More

Kept Clients in Dark

in HIPAA Headlines by John Brewer Leave a comment

You certainly don’t want your practice name to precede that headline in your local news paper. __________Kept Clients in Dark No two ways about it that is BAD. Yet we have major players screwing up seemingly straight forward issues. Sony with the (repeated) PSP hacks Weinergate – need I say more? Now we have Citibank Read More

5 Things After a Breach

in HIPAA Headlines by John Brewer Leave a comment

Many times it is the after-incident response by an individual or company that dictates how the public reacts to the issue. A few notable incidents include: Toyota and the “run away” accelerator issue The Sony Playstation data breach LastPass possible breach The first two above where handled in what most might call the “typical big Read More

Dropbox HIPAA Compliance

in HIPAA Headlines by John Brewer 5 Comments

There seems to be a flurry of activity about whether a cloud storage service called DropBox is HIPAA compliant or not. On the surface it appears that DropBox would be HIPAA compliant. As their site states: “All transmission of file data occurs over an encrypted channel (SSL).” “All files stored on Dropbox are encrypted (AES-256)” Read More