Posts Tagged ‘Healthcare IT’


Health Officials Seeking More Secure Mobile Devices

March 14, 2012

Mobile devices, from smartphones to tablet computers, are increasingly used in hospitals and other health care settings. But regulators fear that manufacturers have not taken adequate steps to safeguard privacy and security with the technology.

To help seal those gaps, the Department of Health and Human Services (HHS) has launched the Privacy & Security Mobile Device project. The initiative will be managed by the Office of the National Coordinator for Health Information Technology’s (ONC) Office of the Chief Privacy Officer and the HHS Office for Civil Rights.

The project also will work to develop case studies to help communicate to health care providers how to secure and protect health information when using mobile devices. An example of a provider use case scenario is the health care provider who is at home and on call, using a laptop to read a patient’s electronic medical record.

“The rationale behind this specific project is that the use of mobile devices in health care has skyrocketed in the last year,” said Joy Pritts, JD, chief privacy officer for ONC, in an interview. “The concern is that health information is some of the most sensitive information that there is.”


Share your thoughts

December 23, 2011

LinkedIn Beats Referrer URL Privacy Class Action on Article III Standing Grounds–Low v. LinkedIn

November 18, 2011

Venkat Balasubramani writes:

Low brought a putative class action against LinkedIn, complaining about the fact that LinkedIn “allows transmission of users’ personally identifiable browsing history and other personal information to third parties, including advertisers, marketing companies, data brokers, and web tracking companies . . . ” He asserted a variety of different claims, including under the Stored Communications Act, the California Constitution, breach of contract, conversion, and California consumer protection statutes. The Court finds that Low failed to satisfy Article III standing and dismisses (with leave to amend).

Read More here


5.4 million affected by health data breaches in 2010, says HHS

September 17, 2011

In calendar year 2010, HIPAA-covered entities notified the Health and Human Services Department of 207 breaches that affected 500 or more individuals. This resulted in breach notifications being sent to approximately 5.4 million individuals, finds an HHS report.

The most common cause of these large breaches in 2010 was theft, according to an annual report (.pdf) submitted to congressional committees. The report covers breaches between Sept. 23, 2009 and Dec. 31, 2010.

Read more: 5.4 million affected by health data breaches in 2010, says HHS – FierceGovernmentIT

South Shore Hospital loses files on 800,000

July 20, 2010

Thousands of patients treated by South Shore Hospital in Boston, MA USA will be worried sick after getting a grim diagnosis that their sensitive data could have fallen into the hands of identity thieves.

Back-up computer files containing 14 years’ worth of personal and financial information for some 800,000 people – including patients, employees, donors, volunteers and vendors – went missing after they were shipped from the Weymouth hospital to a data management company hired to destroy the electronic documents.

The hospital refused to identify the data management company that lost the files after they were shipped off-site in February. It launched an investigation and also notified the Massachusetts Attorney General’s Office as well as state and federal health agencies.

Read More

Ready for a Private and Secure Online Workspace – GoSecure


Electronic health record systems may pose risk for care providers

June 28, 2010

The promise of electronic health records (EHR) seems clear: The digital records of everything from prescriptions to CT scans could raise the quality and lower the cost of healthcare.

Fulfilling this promise is likely to become more urgent as healthcare reform brings 35 million more Americans into the health insurance fold, all needing care.

Some of us worry about the security and privacy of our electronic medical information. But what about the liability risks EHR systems pose to care providers?

Two Case Western Reserve University professors say potential software or hardware problems, as well as user errors, could make the systems liabilities.

“Plaintiffs whose alleged injuries are associated with EHR systems could sue healthcare providers for medical malpractice,” wrote Sharona Hoffman, professor of law and bioethics, and co-director of Case Western Reserve’s Law-Medicine Center, and her husband, Andy Podgurski, professor of computer science at the university’s School of Engineering, in their article E-Health Hazards: Provider Liability and Electronic Health Record System published in the Berkeley Technology Law Journal.

“Those who believe that their records were improperly disclosed to third parties could assert privacy violation claims,” Hoffman and Podgurski said in their paper. “In addition, providers accused of negligent EHR-system use could face disciplinary proceedings initiated by professional organizations, government enforcement actions, criminal prosecutions and other adverse consequences.”

Read More

Ready for a Private and Secure Online Workspace – GoSecure