Archive for the ‘HIPAA’ Category

Infographic: The Year of the Healthcare Data Breach

January 1st, 2016 by Melanie Matthews

The healthcare industry has become a high-profile target for cyber criminals. For the first half of 2015, healthcare ranked #1 in terms of notable incidents of records compromised, with nearly 34 percent of all records compromised across all industries, according to a new infographic by IBM.

The infographic looks at the impact of healthcare data breaches and why healthcare data is so valuable.

Business Associate Manual is a template-style manual that can be easily adapted to align with your compliance needs as a business associate (BA). All content complies with the Omnibus Rule.

Specifically developed to help BAs meet complex privacy & security compliance requirements. The Business Associate Manual includes: 6 privacy policies; 30 security policies; 6 policies that address common requirements of both the privacy and security rules; 1 breach notification policy; and 4 forms and templates.

Get the latest healthcare infographics delivered to your e-inbox with Eye on Infographics, a bi-weekly, e-newsletter digest of visual healthcare data. Click here to sign up today.

Have an infographic you’d like featured on our site? Click here for submission guidelines.

Infographic: HIPAA Data Breaches on the Rise

October 2nd, 2015 by Melanie Matthews

HIPAA data breaches are rising, according to research conducted by Privacy Analytics Inc. for a new infographic, HIPAA Breaches 2009-2015.

Culling data from the Office of Civil Rights, Privacy Analytics found over 1,286 reported incidents affecting 153 million individuals at the time of publication. The largest breach was earlier this year from Anthem Insurance, reporting over 78 million records being breached. According to the Guide to the De-identification of Personal Health Information, the costs incurred for a breach (including notification, legal fines, legal fees, forensics, PR and more) are approximately $208 per person. The average data breach was over 100,000 records and cost $24 million. States with the highest number of individual records breached were Indiana, California and Washington State.

The infographic looks at breaches by type, the need for more HIPAA organizational knowledge and training and new data privacy and security challenges as the use of secondary health data grows.

HIPAA Training for Employees DVD provides training on the following: privacy rule basics; use and disclosures; patient rights; employee behaviors to safeguard patient information; security rules; safeguards to protect patient information electronically; HITECH; breach identification and notification; enforcement; and level of fines.

Infographic: Healthcare Security Breaches in 2015

September 18th, 2015 by Melanie Matthews

In 2015, the healthcare sector has had more security breaches than any other sector but one, according to a new infographic by Netsurion.

The infographic examines security breaches by market sector, along with specific details on healthcare security breaches.

The customized HIPAA Compliance Manual contains the policy and procedure documentation required by the HIPAA privacy and security rules and HITECH. Operating forms are included in the manual for ease of customization for your office. The manual also includes state laws and regulations that interface with HIPAA and state identity theft laws.

The HIPAA Compliance Manual also includes as a bonus: The Advisor, a monthly newsletter to help you stay current on new regulations and interpretations throughout the year. You will receive The Advisor each month by email as a part of your manual purchase.

Infographic: Healthcare Information Security

September 4th, 2015 by Melanie Matthews

Improving regulatory compliance and security awareness and training are among the top concerns of healthcare information security professionals, according to a new infographic by ISC2.

The infographic also drills down on the competencies and certifications that healthcare organizations look for when hiring information security professionals.

Covered Entity Manual is a template-style download manual that can be easily adapted to align with your compliance needs as a covered entity. All content complies with the Omnibus Rule.

Covered Entity-Specific Manual provides you with a generic, comprehensive set of policies and procedures: 33 privacy policies; 30 security policies; 6 policies that address common requirements of both the privacy and security rules; 1 breach notification policy; and 12 forms and templates, including a notice of privacy practices.

Infographic: HIPAA Privacy and Security Rules Cheat Sheet

August 19th, 2015 by Melanie Matthews

Healthcare providers and business associates must protect ePHI across all systems and technologies to prevent data breaches and remain HIPAA compliant, according to a new infographic by Scrypt, Inc.

The infographic looks at how data breaches occur, how to prevent a breach and the risks surrounding mobile devices. The infographic also provides a HIPAA checklist based on the Department of Health and Human Services’ recently released guide to the Privacy and Security of Electronic Health Information.

Infographic: Business Associate Risks in Healthcare

July 27th, 2015 by Melanie Matthews

Many healthcare covered entities feel that their business associates’ inadequate security precautions pose one of the top threats to their organizations, according to a new study by ISMG, “Healthcare Information Security Today.”

A new infographic by CynergisTek, Inc. highlights the risks associated with business associates as well as examples of recent breaches that have occurred at a business associate.

Infographic: Healthcare Data Breaches

June 10th, 2015 by Melanie Matthews

The number of individuals affected by healthcare data breaches continues to rise, especially after recent “mega breaches” such as Anthem and Premera Blue Cross. In addition, hacking and other criminal attacks are being seen more and more within the healthcare industry.

A new infographic by CynergisTek looks at the number of people impacted by healthcare data breaches, the causes of breaches, the location of breached information and more.

Guest Post: Following Anthem Breach, 5 Preventive Steps to Protect Businesses Against Electronic Data Theft

February 19th, 2015 by Kevin Watson

Kevin Watson is CEO of Netsurion, a provider of cloud-managed IT solutions.


The country’s second largest health insurer, Anthem Inc., has confirmed it is the latest to join a growing list of major corporations to have suffered a serious data breach. Kevin Watson, CEO of Netsurion, outlines some of the consequences of stolen healthcare data and suggests five steps businesses can take to protect themselves from electronic data theft.

Unlike many recent data breaches, Anthem was quick to publicly announce the breach only days after discovering that personal information on as many as 80 million of its customers and employees had been stolen. In this case, it appears the hackers used rather sophisticated methods, managing to gather names, dates of birth, social security numbers, addresses and email addresses. Although it does not appear any medical information or financial records were exposed, the information that was taken is more than enough to steal the identities of the affected individuals.

For so long, the focus of data breaches has been on credit card data, as stolen credit card data can so readily be turned into cash or goods. However, with the increasing popularity of EMV, or chip-and-PIN-enabled, credit cards, the prevalence of data breaches involving personal information may again rise to the forefront. This is especially true when one realizes the value of a stolen identity can often be far greater over the long term than the value of a stolen credit card.

If access to insurance plan information were to have been stolen along with identity information, data thieves would have a good indicator as to which identities were of higher value based on the value of the insurance plan. If thieves focus on the individuals with the highest plan costs, these are likely the people who are more established in their lives, have families, higher incomes and better credit, meaning their identities are worth even more on the black market.

This breach highlights that data security is not an issue limited to those processing credit cards. Businesses of all types must think of the type of information stored in their systems and realize they are only as secure as their weakest system. The following checklist outlines simple methods that can help protect businesses from electronic data theft:

1. Protect a Location’s Incoming Internet Traffic

The first step in stealing data is finding an avenue into the targeted business. All of a business’ data circuits and its Internet connections must be protected by a robust and adaptable firewall, protecting the business from unwanted incoming traffic.

2. Implement Secure Remote Access

When permitting remote access to a network, it is essential that this access is restricted and secure. At a minimum, access should only be granted to individual (not shared) user accounts using two-factor authentication and strong passwords. Remote access activities should also be logged so that an audit trail is available.

3. Keep Anti-Malware Software Up-to-Date

It is critical to keep all anti-virus/anti-malware software up to date with the latest versions and definitions. The companies that make anti-malware software monitor threats constantly and regularly update their packages to include preventive measures and improvements to thwart malware seen in other attacks.

4. Update all Operating Systems as Security Patches are Released

Much like anti-virus/anti-malware updates, designers of operating systems are constantly improving their software to prevent hackers from stealing data, especially if a criminal manages to bypass the built-in security. It is essential that the latest security releases and patches be installed on all systems.

5. Limit Outbound Internet Traffic

In addition to blocking unwanted traffic from getting into a location, it is always a good practice to selectively block outgoing traffic as well. Many modern breaches involve software that becomes resident on a company network and then tries to send sensitive data to the hacker’s system via the Internet. No system can completely prevent unwanted malware or viruses, so a good last line of defense is making sure secure data doesn’t leave the network without prior knowledge. The same firewall used in Step One should be configured to monitor outgoing traffic as well as incoming.

Netsurion is a leading provider of cloud-managed IT security services that protect small- and medium-sized businesses’ information, payment systems and on-premise public and private Wi-Fi networks from data breaches and other risks posed by hackers. Netsurion’s patented remote installation technology and PCI compliant cloud-based solutions simplify the implementation process and ongoing support. Any sized branch or remote office, franchise or sole proprietor operation can use Netsurion without the costs of onsite support. The company serves the retail, hospitality, healthcare, legal and insurance sectors.

HIN Disclaimer: The opinions, representations and statements made within this guest article are those of the author and not of the Healthcare Intelligence Network as a whole. Any copyright remains with the author and any liability with regard to infringement of intellectual property rights remain with them. The company accepts no liability for any errors, omissions or representations.

Infographic: Healthcare Information Security

December 17th, 2014 by Melanie Matthews

Safeguarding healthcare information is a shared responsibility across a healthcare organization. With well-publicized and recent cyber attacks affecting all industries, healthcare organizations need to take proactive steps to safeguard information, according to a new infographic by HIMSS and the National Cyber Security Alliance (NCSA).

The NCSA-HIMSS infographic can serve as a guide for healthcare organizations to help keep patient information safe and secure.

HIPAA Training for Employees DVD provides training on HIPAA privacy and security compliance, including: privacy rule basics; use and disclosures; patient rights; employee behaviors to safeguard patient information; security rules; safeguards to protect patient information electronically; HITECH; breach identification and notification; enforcement; and level of fines.

Infographic: 5 Elements of an Effective HIPAA Audit Program

October 8th, 2014 by Melanie Matthews

The upcoming permanent HIPAA audit program from the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) demonstrates a more aggressive approach to investigating compliance, according to a new infographic by Coalfire.

The infographic outlines the five key elements for a comprehensive, vigilant HIPAA compliance program.

The customized HIPAA Compliance Manual contains the policy and procedure documentation required by the HIPAA privacy and security rules and HITECH. Operating forms are included in the manual for ease of customization for your office. The manual also includes state laws and regulations that interface with HIPAA and state identity theft laws.
