The data breach at Flowers Hospital in Dothan, Alabama finally nears the end after a four-year long nightmare. While there has been no final court approval, the hospital has decided to settle with the 1,200 victims whose information was breached. Each person will receive roughly $5,000 and Flowers Hospital has said payments won't total more than $150,000.
What Happened?
If any of your clients are involved with health care, you know how highly regulated the field is. You may think you are complying with all the regulations and have lock-tight security measures in place at your law firm. But you could be wrong.
Thirty-two percent of breaches in recent years were caused by IT incidents or hacking.
More organizations are utilizing smart phones, laptops and tablets for daily operations but failing to include these devices in a company-wide risk analysis could lead to mobile device security issues.
Entities need to maintain ePHI security and understanding the potential risks associated with mobile devices is a key part of that, which the OCR stressed in its recent cybersecurity newsletter.
As a part of the continued efforts to measure the compliance with HIPAA privacy, security, and breach notification rules, The Office for Civil Rights (OCR) has begun implementing the HIPAA Phase 2 audits, the next phase in auditing the policies and procedures adopted and used by healthcare entities and their business associates.
HIPAA Audits – The Wait is Over – It’s Real This Time
As an IT professional, there are several things that always keep you up at night when you’re responsible for the overall security and well-being of other business interests. The items change over time, but it seems there is always something, right?
Currently, the two items that concern me the most are Crypto-Ransomware attacks that are ever changing and affect all clients (I wrote on this in a recent blog here) and Phase 2 HIPAA Audits that have recently begun.
