Recently Peter Adams, Chief Technology Officer and owner of Ping! Development * emailed me a question in regards to whether health information that would be transmitted from a mobile application with a Bluetooth device connection would need to be secured. Peter explained to me that the data being transmitted would have a user name and password transmitted to a secured server in plain text.
My husband and I are both self-employed. As all self-employed individuals know, health insurance is one of the biggest challenges to shop for and the monthly premium is the biggest budget killer.
We have been lucky and blessed to have been able to obtain satisfactory health insurance along with great doctors who “work within our cash budget”. And it doesn’t hurt that we strive to[...]
As we continue to read about the common occurrences of healthcare breaches, most recently August 3, 2016 announcement by Banner Health’s breach of 3.7 million records, I ask myself who, how or what can be done to prevent these breaches?
Here are the perspectives from two industry experts discussing the same technique.
Jonathan Crowe a Senior Content Manager at Barkly, wrote about [...]
August 3rd, 2016, Banner Health Systems announced that on “July 13, 2016, they discovered cyber attackers may have gained unauthorized access to information stored on a limited number of Banner Health computer servers. The investigation revealed that the attack was initiated on June 17, 2016” and they “began mailing letters to affected patients on August 3, 2016.” In [...]
Last month I was in The Emerald City- (Seattle, Washington) attending to business, renewing old friendships and taking in the beautiful sights-of a place I once called home.
During a social gathering, I introduced myself to a Covered Entity, who then proceeded to confess to me that the nonprofit which he holds the combined role of Privacy and Security Officer, was chosen for the Phase 2 HIPAA [...]
Social Media can be an instrumental tool for marketing, development and gaining of market share within the area of a medical practice.
Many healthcare providers choose to avoid Social Media opportunities due to the potential of the violating HIPAA (Health Insurance Portability and Accountability Act).
The reasons are many: history of healthcare providers becoming a member of the “Wall [...]
Recently, Saint Joseph’s Healthcare System in New Jersey announced that more than 5,000 employees at some of its facilities may be at the risk of identity theft following a phishing scam which potentially compromised their information.
Saint Joseph’s Vice President of External Affairs Kenneth Morris Jr. stated “patient data and medical information were not affected, but [...]
Each month, the headlines read; “Hospital Pays Ransom”, “Provider Group Reports Cyber-Attack”. Breaches, cyber-attacks, Ransomware effecting healthcare denominates the daily news.
Twenty years ago the Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress which included five titles. Congress mandated The Department of Health and Human [...]
February was a busy month for Health and Human Services (HHS) and the Office for Civil Rights (OCR). Here’s a recap.
2-3-2016: HHS Administrative Law Judge (ALJ) ruled that Lincare, Inc. (Lincare) violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and granted summary judgment to the Office for Civil Rights (OCR) on all issues, requiring [...]
The audits by the Health and Human Services Department’s Office for Civil Rights (OCR) are slated to begin early this year.
Of the 350 entities selected, there will be 232 healthcare providers, 109 health plans, and nine healthcare clearinghouses. The business associates will include 25 Information Technology companies and 15 non-Information Technology companies all working within the [...]
After four years of legal proceeding for Susan Jordan, The Court of Appeals of Virginia ruled that the University of Virginia Medical Center (Medical Center) could not fire her for obtaining her ill ex-husband’s medical records, after he was diagnosed with cancer.
On April 23, 2014, Susan Jordan was fired for looking at her ex-husband Kurt’s medical records “without [...]
The Identity Theft Resource Center (ITCR) has been tracking security breaches since 2005, looking for patterns, new trends and any information that may better help us to educate consumers and businesses on the need for understanding the value of protecting personal identifying information.
ITCR reports that within a ten-year period from 2005 to December 2015, there has been 5,810 data [...]
President Obama announced today that he is directing his Administration to implement a near-term and long term plan to maintain the public’s safety, economic and national security along with empowering citizens to take better control of their digital security.
A few of the highlights of CNAP:
Formation of the Commission on Enhancing National Cybersecurity. This Commission is made up of [...]
In last season’s television series of The Good Wife, Attorney Diane Lockhart fell victim to “ransomware”. All of her client files were held for” ransom”, until she wired the hackers a ransom of $50,000.
Just another made for television story? Not so fast, the very next week, one of my clients experienced a frozen computer screen with a message that said [...]
Encrypt or un-encrypt, that is the question after the Health and Human Services (HHS) came out with their recent guidance on patient rights.
Last week the Office for Civil Rights (OCR) announced a significant provision in the new guidance dealing with the issue of encryption.
The guidance includes formalizing a requirement that both covered entities or business associates must provide [...]
Another breach was announced today by Time Warner Cable. The F.B.I notified the company that email addresses, including passwords, may have been comprised of over 320,000 customers
Nathlie Burgos, Time Warner Cable Group Vice President, Public Relations said, “we haven’t yet determined how the information was obtained, but there is no indication that our systems were [...]
Happy New Year! In looking back at 2015, how did your healthcare predictions fare?
It was a busy year; healthcare breaches led the way, followed by the mandated conversion on October 1st of ICD-10, followed by large monetary fines assessed from OCR (The Office for Civil Rights) for noncompliance of HIPAA (Health Insurance Portability Accountability Act). We cannot forget the changes in [...]
What do you get when you mix an employee engaging in social media and add a dash of PHI (Protected Health Information)?
Breach time bomb?
It is well known that social media is flourishing. It is also known that employees participate in one of many social media outlets: Facebook, Snap Chat, Instagram, Twitter, just to name a few. Rarely is an employee without their smartphone, making [...]
Many articles have been written about the effects of patient privacy rights under the Health Insurance Portability and Accountability Act of 1996, (HIPAA) and the social media platforms, such as Facebook, Twitter, and Instagram.
The need has never been greater for organizations to have reasonable and appropriate written policies and workforce training in place to safe guard Protected Health [...]
Does your medical practice have a robust patient satisfaction survey or does a staff member review the many doctor review sites that now are on the worldwide web? Vitals, RateMD or ZocDoc are just a few.
In 2012, the federal government incorporated a shift in how hospitals were being paid for treating people who have Medicare. This program is a part of the pay-for-performance system that was built[...]
No matter what the size of the medical practice is, growth continues in using computers with on-line systems, portable tablets, laptops and mobile devices to transmit Protected Health Information (PHI).
According to Vormetric and Wakefield Research, most health care providers remain unaware of their vulnerability to a medical data theft and the fact that a breach could be far more damaging than a [...]
Personal Information Collected Online
•Personal Information means personally identifiable information such as information provided via forms, surveys, applications or other online fields including name, postal or email addresses, telephone, fax or mobile numbers, or account numbers.
•Before or at the time of collecting personal information, JAL will identify the purposes for which the information is being collected.
•JAL will collect and use personal information solely for the purpose of fulfilling specific contracted engagements or for other compatible purposes, unless consent is obtained from the company and/or individual concerned or as required by law.
•JAL will retain personal information as long as necessary for the fulfillment of a specific contract or for a specific purpose.
•JAL will collect personal information as deemed lawful and where appropriate with the knowledge and/or the consent of the individual or company.
•Personal data should be relevant to the extent of necessary purposes and should be accurate, complete and up-to-date.
•JAL will protect personal information by reasonable safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
•JAL will make readily available to customer’s information about our policies and practices relating to the management of personal information. Terms and Conditions
JAL is committed to conducting our business in accordance with these principals in order to ensure that the confidentially of personal information is protected and maintained. By accessing this website, you are agreeing and bounded by these Website Terms and Conditions of Use, all applicable laws and regulations. If you do not agree with these Terms and Conditions, you are prohibited from using or accessing this website. The materials contained in this Web Site are protected by all applicable copyright and trade mark laws.
Our Online Notices are subject to change. Please review it periodically. If we make changes, we will revise the “Last Updated” date at the top of this Notice. Any changes will become effective the date the revised Notice is posted on the Site.