Cyber Security and HIPAA Compliance

Michelle Bilsky, VP of Risk Management // June 14, 2017

Cyber Threats have become a serious issue in healthcare IT over the past few years.  Every day there are attempts to break into secure computer environments in order to either ransom the owners' information to themselves or just to steal that information and sell it to someone else.  Medical records go for about $60 per record (that’s what the hacker is paid by the buyer) whereas simple credit card records go for about $10 per record.  The reason that medical records are so valuable is simple – the information doesn’t change.  A person cannot turn off their medical record or change their birthdate, however, we can cancel a credit card and render it useless. For more guidance and materials continue to the full article by clicking below. 



$2.5 Million Settlement Shows That Not Understanding HIPAA Requirements Creates Risk

April 21, 2017

Below is yet another OCR case involving a single stolen laptop which then led to further investigation by OCR and that investigation showed a lack of policies and procedures which may have prevented this event.  The lack of policies has been at the root of all major settlements and the corrective action plans instituted by the OCR is going to be a very long and “painful” process for CardioNet.  These incidents are the reason all covered entities and business associates must have a Security Risk Assessment and implement policies and procedures.