A large New York hospital system learned this lesson the expensive way. According to a U.S. Department of Health and Human Services (HHS) press release issued earlier this week, the Office for Civil Rights (OCR) investigated a hospital system breach back in 2010 involving the loss of an unencrypted flash drive. According to the press
Encryption
The Blindfolded Business Associate: New HHS Guidance on HIPAA and Cloud Computing
By Elizabeth Litten on
According to the latest HIPAA-related guidance (Guidance) published by the U.S. Department of Health and Human Services (HHS), a cloud service provider (CSP) maintaining a client’s protected health information (PHI) is a business associate even when the CSP can’t access or view the PHI. In other words, even where the PHI is encrypted…
Lack of Preparedness and Government Access Top Data Security Agenda
By Elizabeth Litten on
The private sector is still not prepared – and generally lacks the knowledge – to respond effectively to a major cyber breach, according to 80 percent of respondents in a survey released by Fox Rothschild LLP.
“There is an alarming lack of awareness at the senior level when it comes to data governance practices in…
Apple, the FBI, and iPhone Encryption: A Battle of Biblical Proportions with Implications for HIPAA
By Elizabeth Litten on
Whether it was an apple or a quince, pomegranate, or some other more botanically-likely fruit growing in the Garden of Eden, God’s command in Genesis was clear: do not eat the fruit from the tree of the knowledge of good and evil. When Adam and Eve ate the apple (or other fruit) anyway, they gained…