Breach Tally: Hacking Incidents Still on the Rise
As of March 9, 50 major breaches impacting 424,286 individuals have been added to the Department of Health and Human Services' Office for Civil Rights' "wall of shame" website of major breaches affecting 500 or more individuals. Of those 2017 incidents, 20 are listed as unauthorized access/disclosure breaches; 14 are hacking incidents; and 14 are breaches involving loss/theft of protected health information. Of the incidents involving loss or theft, eight involved paper/film
Back Up Drive Stolen: PHI of 1,291 Patients Exposed
The failure to encrypt backup data on a portable electronic device has resulted in the protected health information of 1,291 individuals being exposed. The device, containing names, telephone numbers, addresses and Social Security numbers, was stolen from Local 693 Plumbers, Pipefitters & HVACR Technicians, a member of the United Association of Journeyman and Apprentices of the Plumbing and Pipefitting Industry of the United States and Canada. While the data on the device cou
Majority of surveyed medical professionals and students report having used another staff member’s pa
A recent study examined the prevalence of password sharing among healthcare providers (residents, medical students, interns, and nurses) and found nearly three-quarters of surveyed medical professionals have used another staff member’s password to obtain EHR access at work. 73% reported using another staff member’s password to access an EHR at work. 100% of all medical residents reported obtaining another medical staff member’s password with their consent. 77% of medical stu
Equifax data breach caused due to patch update being missed
Equifax has revealed that the cause of its massive data breach was a flaw it should have patched weeks before it was attacked. Equifax has updated its website (www.equifaxsecurity2017.com) with a new “A Progress Update for Consumers” that opens as follows: Equifax has been intensely investigating the scope of the intrusion with the assistance of a leading, independent cybersecurity firm to determine what information was accessed and who has been impacted. We know that crimina