Breach Alert: Hackers stole over 4.5 million records from a Hospital Network

Medical Records Breach

Community Health Systems announced on Monday that hackers recently broke into its computers and stole data on 4.5 million patients. The company operates over 206 hospitals in 28 states including Alabama, Florida, Mississippi, Oklahoma, Pennsylvania, Tennessee and Texas. Apparently the hack originated from China and used a high end malware to breach the companies network sometime in April

Continue reading »

Hospital Employee Indicted for Criminal HIPAA Violations

HIPAA Criminal Violation

A former hospital employee in East Texas has been indicated by federal prosecutors for criminal violations of the Health Insurance Portability and Accountability Act (“HIPAA”).  Allegedly the former employee obtained PHI with the intent to use the information for personal gain between December 1, 2012 through January 14, 2013. He has been indicated on charges

Continue reading »

What is Risk Analysis (Section 19 of the HIPAA Security Rule)

HIPAA Risk Analysis

Risk Assessment otherwise called Risk Analysis is a Required part of the HIPAA Security Rule 164.308(a)(1). To ensure compliance, health care providers, medical offices (Covered Entity), business associates, or any other entity that receives, transforms, or stores Electronic Protected Health Records (ePHI)  are required to perform a Risk Analysis at least once a year or

Continue reading »