Healthcare

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced two resolution agreements in March over potential violations of the HIPAA Privacy Rule, reaching high figures for penalty fines.

There was a time when protecting electronic health care data focused on network controls to monitor and control incoming and outgoing network traffic. IT teams put up walls with controlled access points, and with each shift in technology, new walls were raised. The rise in mobility, the cloud, and the Internet of Things have challenged this perimeter-based security mentality. With data now spread across millions of access points that...

Released in 2014, the eight Core Principles created by AHIMA hinge on data privacy and security, which we've examined before. The Principles make clear that compliance is only part of the data responsibilities placed upon healthcare organizations.

We recently released the results of our new report, IT Confidential: The State of Security Confidence, in which we uncovered some surprising truths about the insider threat. In particular, our report revealed that those tasked with protecting data, the “gatekeepers,” were often responsible for putting it at risk. This result was universal across all industries, including highly regulated industries such as healthcare.

As one of the nation’s leading providers of home respiratory services and certain medical equipment, Apria Healthcare sought a solution to mitigate the potential risk of exposed data on lost or stolen devices and to remotely monitor the status of devices to avoid a healthcare data breach.