...a healthcare equivalent of the FCBA, especially as healthcare organizations receive Federal funding. For healthcare providers, it would provide a bully incentive to tighten their security–as credit cards and banks did–because it would severely limit payment collections (the ‘hounding’) from the victims of fraudulent billing. How Identity Theft Sticks You With Hospital Bills Unfortunately the WSJ has chosen to paywall this article, but if you search on the title you can generally find the content either reprinted or in a WSJ preview. Previously in TTA: our many articles on hackermania, healthcare related identity theft (Harry Lime Lives!) and data security... Continue Reading
Search Results for data security
mHealth Summit now HIMSS Connected Health Conference
...other technology and analytics. (It’s also how it fits into government payment models, an endlessly changing equation.) What is surprising is the lifting of cybersecurity to equal status, given the Hackers’ Holiday that healthcare is now (see TTA here). (Also this Editor notes that last year’s Big Buzzwords, Big Data and Analytics, has faded into where it should be–into facilitating population health and we should expect, inform data security. We also note that HIMSS has stepped forward as the organizer. HIMSS release Telehealth & Telecare Aware has been a media partner of the mHealth Summit for most years since 2009.... Continue Reading
UCLA Health data breach may affect 4.5 million patients
[grow_thumb image=”https://telecareaware.com/wp-content/uploads/2015/06/keep-calm-and-secure-your-data-4.png” thumb_width=”150″ /]Breaking news out of Los Angeles this afternoon is that the UCLA Health System’s computer network was compromised by an external cyberattack, compromising an estimated 4.5 million patient records. According to the LA Times, “the hospital saw unusual activity in one of its computer servers in October and began investigating with assistance from the FBI. The investigation confirmed May 5 that the hackers had gained access to parts of UCLA Health’s computer system where some patient information was stored. The hackers gained access to names, dates of birth, Social Security numbers, Medicare and health plan identification numbers... Continue Reading
Nortek Security acquires Numera (Updated)
Updated. Numera, which those of us with long memories remember as iMetrikus (before 2011, and also a Grizzled Telehealth Pioneer), announced late on Tuesday that it has been acquired by Carlsbad, California-based Nortek Security & Control. Nortek is known for security and home controls/automation (2GIG), with a significant holding in generally white-labeled traditional PERS units mostly under the Linear brand. Numera’s Libris and Libris+ PERS with telehealth connectivity will be sold under the Numera brand and be fitted into Nortek’s existing health-related business and home controls, according to the press release. The EverThere telehealth/activity/location reporting platform, according to Nortek’s FAQs,... Continue Reading
“The data security fault, dear Brutus, is not China, but in the company org chart”
[grow_thumb image=”https://telecareaware.com/wp-content/uploads/2015/06/Org-chart1.jpg” thumb_width=”150″ /]Mansur Habib, PhD and cybersecurity strategist, formerly CIO for the Baltimore City Health Department, proposes that any data breach analysis should start first with a hard look at the organizational chart. If the CIO or the chief information security officer (CISO) doesn’t report directly to the CEO, the executive clearly does not place priority on IT and data security, treating it as a cost center to be restricted; in his words, they do not ’embrace cybersecurity risk as business risk’. In his 2013 doctoral research in 2013 and subsequently, Dr Habib observed that about half of US... Continue Reading
Seven safeguards for your mHealth app
...keep in mind: 1. Access control– unique IDs assigned to each user, remote wiping of the mHealth app from any user’s device. 2. Audit controls 3. Authentication 4. Integrity controls, such as compartmentalization, to ensure that electronically transmitted PHI is not prematurely altered or corrupted 5. Transmission security: data encryption at rest, in transit, and on independently secured servers protects PHI at each stage of transmission 6. Third party app integration–must fully comply with HIPAA safeguards 7. Proprietary data encryption But all seven points need backing from the top on down in a healthcare organization. (More in the article above)... Continue Reading
The pileup of Federal ‘titanic serial IT disasters’ (US)
[grow_thumb image=”https://telecareaware.com/wp-content/uploads/2015/06/keep-calm-and-secure-your-data-4.png” thumb_width=”150″ /]Don’t feel bad, HIT execs–the Feds are even worse. Complementary to our coverage of the increased danger of hacked health IT systems and data breaches (the trail of tears is here and here) is the oddly muted press clamor around the 4 June hacking report of the Federal Office of Personnel Management (OPM). Chinese hackers roamed around two OPM databases–personnel and security clearances–for nearly a year, according to CNN’s Senate briefing coverage. The breach likely exceeded 18 million records, though the real number may never be known. Privacy Rights Clearinghouse summarizes it and provides an interesting link... Continue Reading
Kickstarting the 1st week of summer: news from all over
No deal yet between insurer giants. Cigna turned down a $53.8 billion bid from Anthem. According to Healthcare Finance, concerns ranged from corporate governance problems, their membership in the Blue Cross Blue Shield Association, the probable chairman’s (from the Anthem side) qualifications and data security (ahem!). Given that Anthem’s 60 million record breach was an inadvertent inside job [TTA 11 Feb], the last is perfectly understandable. But the door appears to be open for the emollient of additional money (to mix a metaphor). Extra: a tart take on this from the WSJ…..Jaguar is looking to increase driving safety by reading... Continue Reading
London Health Technology Forum & the Cleveland Health challenge
...people. Therefore, especially in view of the expertise of the presenters, it is highly recommended. There will be three presentations: 1) Starting out – a brief look at IPR relevant to new businesses what IPR are you generating? who creates the IP and who owns it? how and where can you protect your IP? how are IPR maintained? 2) IP considerations when looking for investment does the company own all its IP? how will the IP be developed/exploited? taking security over IP in return for financing 3) Commercialising IPR healthcare and software licences key commercial terms, including payments and use... Continue Reading
The leaky roof of healthcare data (in)security–DARPA to the rescue?
...that healthcare data security is about 20 years behind finance and defense deserves a ‘hooray!’, but when you realize that on average only 3 percent of HIT spend is on security when it should be a minimum of 10 percent (HIMSS) or higher…yet the choice may be better security or uncompensated patient care particularly in rural areas, what will it be for many healthcare organizations? The article also doesn’t go far enough in the devil’s dilemma–that the Federal Government with Medicare, HITECH, meaningful use, rural telehealth and programs like Medicare Shared Savings demand more and more data tracking, sharing and... Continue Reading
Most Recent Comments