2. Department of Homeland Security Issues
Warning on Medical DeviceThreats
Hospital network hacked, 4.5 million records
stolen
Health care data breaches have hit 30 million
patients and counting
3. Medical identity theft victims pay on average
$13,500 to resolve the crime
Medical records 10x more valuable to hackers
than credit card information
Two-thirds of US adults would not return to a
business if their personal information were
stolen
4. HHS Announces HIPAA Audit program
Office for Civil Rights “Phase 2” HIPAA audits
Office of the Inspector General Audits
Increased fines and penalties
5. Do’s
Recognize the risks
Protect IDs and passwords
Report incidents
Don’ts
Fall for phishing and other scams
Circumvent processes where expediency or
convenience overrule protecting information
6. Facility Privacy Official
Ethics & Compliance Officer
Facility Information Security Official
Your IT&S CIO
7. Horowitz, B.T. (2012). Department of Homeland Security IssuesWarning on
Medical DeviceThreats. Eweek, 2.
Jose, P. (2014, August 18). Hospital network hacked, 4.5 million records stolen.
CNNWire.
Millman, J. (2014). Health care data breaches have hit 30 million patients and
counting. TheWashington Post.
Munro, D. (2015, February 23). New Study Says Over 2 MillionAmericans Are
VictimsOf Medical IdentityTheft.
Jayanthi, A. (2014, October 1). Medical records 10x more valuable to hackers than
credit card information.
ConsumersTakeTheir Business ElsewhereAfter a Data Breach. (2013, October
22).
Goedert J. SECURITY:Waiting Game Continues for HIPAA SecurityAudits; OCR's
long-promised audit program is still in development; meanwhile, the office
remains focused on 'high-impact' breaches. Health Data Management [serial
online]. 2015:Available from: Academic OneFile, Ipswich, MA. Accessed July 24,
2015.
Editor's Notes
Confidentiality
Reading the Over 120 UCLA Hospital Staff Saw Celebrity Health Records article, what training could you as a manager put into place to avoid this situation? Present your training idea using any Web 2.0 tools. How can this training on confidentiality be effective for the employees? (4 points)