http://www.secuobs.com Observatoire de la securite Internet fr webmaster@secuobs.com 2010-12-30 20:08:29 - Identity Theft and Data Breach News ID Experts Corporate Blog : While HIPAA s recently enhanced penalty provisions and newly enacted security breach notification requirements have each received a significant amount of attention, the connection between them and its significant implications for employers and health care providers subject to HIPAA have not Most significantly, because of the enhanced penalties, it is critical that covered entities conduct a http://www.secuobs.com/revue/news/274941.shtmlhttp://www.secuobs.com/revue/news/274941.shtml Secuobs.com : 2010-12-30 20:08:29 - Identity Theft and Data Breach News ID Experts Corporate Blog - By Stephanie Cason The Health Information Technology for Economic and Clinical Health HITECH Act, enacted on February 17, 2009, was designed to promote the widespread adoption and standardization of health information technology It supports this goal by adding amendments designed to strengthen the privacy and security protections of health information established by HIPAA and contained http://www.secuobs.com/revue/news/274940.shtmlhttp://www.secuobs.com/revue/news/274940.shtml Secuobs.com : 2010-12-30 20:08:29 - Identity Theft and Data Breach News ID Experts Corporate Blog - In recent weeks, there have been two bills introduced in Washington, DC that are attempting to set nationwide standards for the security and privacy of consumers personal information The Data Security and Breach Notification Act of 2010 was introduced by Senator Pryor D-Arkansas and Senator John Rockefeller D-West Virginia on August 5, 2010 The bill http://www.secuobs.com/revue/news/274939.shtmlhttp://www.secuobs.com/revue/news/274939.shtml Secuobs.com : 2010-12-30 20:08:29 - Identity Theft and Data Breach News ID Experts Corporate Blog - Physician s offices and small clinics are recent targets of patient data theft creating legal obligation to notify patents of the crime under the new federal HITECH Act as well as providing concurrent notice to HHS Office of Civil Rights OCR A recent article in HeathLeaders Media highlighted this growing problem According to OCR, 11 private http://www.secuobs.com/revue/news/274938.shtmlhttp://www.secuobs.com/revue/news/274938.shtml Secuobs.com : 2010-12-30 20:08:29 - Identity Theft and Data Breach News ID Experts Corporate Blog - A recent survey described in an article by Healthcare IT News notes that preventing data breaches is the NUMBER ONE priority for IT decision makers in US hospitals While reducing risks of data breaches is important to them, of these same decision makers - 38 percent still report they cannot track inappropriate access in accordance http://www.secuobs.com/revue/news/274937.shtmlhttp://www.secuobs.com/revue/news/274937.shtml Secuobs.com : 2010-12-30 20:08:29 - Identity Theft and Data Breach News ID Experts Corporate Blog - In an interesting turn of events, the Insurance Commissioner of the State of Connecticut is now requiring that they be notified any any of the entities that they regulate, which includes many members of the healthcare ecosystem who also need to comply with HIPAA HITECH data breach regulations Their Bulletin IC-25 requires that they be notified http://www.secuobs.com/revue/news/274936.shtmlhttp://www.secuobs.com/revue/news/274936.shtml Secuobs.com : 2010-07-21 18:38:38 - Identity Theft and Data Breach News ID Experts Corporate Blog - ID Experts today announced RADAR HITECH Risk Assessment, Documentation and Reporting , the industry s first expert software tool to measure a data breach incident s risk index IRI by combining the severity of the episode and the sensitivity of the exposed data to quantify the incident s overall harm threshold Designed for healthcare providers, HIPAA covered entities, and http://www.secuobs.com/revue/news/242546.shtmlhttp://www.secuobs.com/revue/news/242546.shtml Secuobs.com : 2010-07-07 01:53:42 - Identity Theft and Data Breach News ID Experts Corporate Blog - This article is reprinted from Healthcare IT News with the author s permission The handling of data breach incidents has become a way of life for healthcare providers and with other HIPAA covered entities With the passage of the HITECH Act last year, there are now substantial penalties that can be levied, up to http://www.secuobs.com/revue/news/238188.shtmlhttp://www.secuobs.com/revue/news/238188.shtml Secuobs.com : 2010-06-18 02:08:07 - Identity Theft and Data Breach News ID Experts Corporate Blog - A recently published article in Healthcare IT News highlights aspects of the Health Information Technology for Economic and Clinical Health HITECH Act that may have escaped your attention Titled Three things you may not know about the HITECH Act but should , the article hones in on aspects of the rulemaking from the US Department of Health and http://www.secuobs.com/revue/news/232691.shtmlhttp://www.secuobs.com/revue/news/232691.shtml Secuobs.com : 2010-06-04 22:03:44 - Identity Theft and Data Breach News ID Experts Corporate Blog - The Blue Cross Blue Shield Association recently released a report that highlights a 7-to-1 savings for every dollar spent on anti-fraud activities In their announcement they note that this represents a 47pourcents increase in fraud savings in 2009 compared to 2008 With growing evidence of the expansion in medical identity theft crimes, the focus of private http://www.secuobs.com/revue/news/228768.shtmlhttp://www.secuobs.com/revue/news/228768.shtml Secuobs.com : 2010-05-18 03:14:26 - Identity Theft and Data Breach News ID Experts Corporate Blog - Healthcare organizations that fall under the definition of HIPAA covered entities should be very aware of their obligations under the data breach provisions of the HITECH Act The reason being that there are now very substantial penalties for disregarding the security and privacy regulations, for lax detection of data breach incidents and for failing to http://www.secuobs.com/revue/news/222992.shtmlhttp://www.secuobs.com/revue/news/222992.shtml Secuobs.com : 2010-04-29 18:27:31 - Identity Theft and Data Breach News ID Experts Corporate Blog - As was required under the Health Information Technology for Clinical and Economic Health HITECH Act, the US Department of Health and Human Services HHS released an Interim Final Rule for data breach notification provisions that went into effect earlier this year As noted by Healthcare IT News, this coming May, HHS will also issue new proposed http://www.secuobs.com/revue/news/217336.shtmlhttp://www.secuobs.com/revue/news/217336.shtml Secuobs.com : 2010-04-21 23:48:14 - Identity Theft and Data Breach News ID Experts Corporate Blog - Symantec released their Global Internet Security Report for 2009 which explores in great detail the causes of data breach incidents It finds that hacking attacks are responsible for the majority of personal identity records exposed in 2009 In 2009, 60 percent of identities exposed were compromised by hacking attacks, which are another form of targeted attack http://www.secuobs.com/revue/news/214702.shtmlhttp://www.secuobs.com/revue/news/214702.shtml Secuobs.com : 2010-04-09 01:38:31 - Identity Theft and Data Breach News ID Experts Corporate Blog - In the past, a significant percentage of data breach incidents have been attributed to carelessness The lost laptop is one of the most common data breach causes, especially given how few use encryption technology and how common it is for employees to have access of private data With the economic meltdown of 2009, and the subsequently http://www.secuobs.com/revue/news/210355.shtmlhttp://www.secuobs.com/revue/news/210355.shtml Secuobs.com : 2010-04-06 19:46:58 - Identity Theft and Data Breach News ID Experts Corporate Blog - This past week, the Internet Security Alliance ISA and the American National Standards Institute ANSI released a groundbreaking document that is aimed at assisting the Chief Financial Officer of major corporations and organizations in managing the financial risks inherent in protecting an organization from cybercrime Titled The Financial Management of Cyber Risk An Implementation Framework for http://www.secuobs.com/revue/news/209384.shtmlhttp://www.secuobs.com/revue/news/209384.shtml Secuobs.com : 2010-03-25 20:42:30 - Identity Theft and Data Breach News ID Experts Corporate Blog - Electronic Health Records EHR hold the promise of substantial benefits to patients When shared among providers, they will assure that wherever you seek medical services that your doctor will have access to complete and accurate information on your medical history The passage of the Health Information Technology for Economic and Clinical Health HITECH Act earmarks http://www.secuobs.com/revue/news/205498.shtmlhttp://www.secuobs.com/revue/news/205498.shtml Secuobs.com : 2010-03-12 03:22:25 - Identity Theft and Data Breach News ID Experts Corporate Blog - Federal agencies and regulators announced this week that LifeLock will pay 12 million to settle a complaint that it used false and misleading claims in its advertising 11 million of the settlement will be paid to the Federal Trade Commission FTC and 1 million to 35 state attorneys general, all of whom worked together on http://www.secuobs.com/revue/news/200962.shtmlhttp://www.secuobs.com/revue/news/200962.shtml Secuobs.com : 2010-02-23 01:57:04 - Identity Theft and Data Breach News ID Experts Corporate Blog - A recent article in American Medical News notes that the greatest risks to healthcare providers in the area of maintaining patient privacy isn t offshore hackers or rogue employees, but rather simple accidents Over six months in 2009, 12,500 mobile devices were left in taxis And 4,500 USB thumb drives were left in pants pockets that were http://www.secuobs.com/revue/news/194390.shtmlhttp://www.secuobs.com/revue/news/194390.shtml Secuobs.com : 2010-02-17 03:40:17 - Identity Theft and Data Breach News ID Experts Corporate Blog - ID Experts today announced a new and unique solution for data breaches that involve protected health information PHI and associated risks of medical identity theft With the passage of the HITECH Act last year and the clarifying Rules published by Health and Human Services HHS , healthcare organizations now face greater scrutiny and higher risks when it http://www.secuobs.com/revue/news/192601.shtmlhttp://www.secuobs.com/revue/news/192601.shtml Secuobs.com : 2010-02-10 01:57:51 - Identity Theft and Data Breach News ID Experts Corporate Blog - The Ponemon Institute released their 5th annual 2009 Annual Study Cost of Data Breach last month This year, the report explored several new areas and came up with some interesting and in some cases surprising conclusions These include - Customer patient client churn rate, the tendency for a data breach event to cause them to vote with their feet http://www.secuobs.com/revue/news/190272.shtmlhttp://www.secuobs.com/revue/news/190272.shtml Secuobs.com : 2010-01-16 03:30:11 - Identity Theft and Data Breach News ID Experts Corporate Blog - This week, the Connecticut Attorney General, Richard Blumenthal, sued Health Net of Connecticut for a data breach and their subsequent handling of the incident As he notes, this lawsuit is historic, in that it is the very first enforcement action under HIPAA since the law was extended and enhanced with the HITECH Healthcare Information Technology http://www.secuobs.com/revue/news/182264.shtmlhttp://www.secuobs.com/revue/news/182264.shtml Secuobs.com : 2010-01-09 02:28:13 - Identity Theft and Data Breach News ID Experts Corporate Blog - One of the panels at the Consumer Electronics Show Digital Health Summit is asking a really interesting question Who will you trust with your health data As described in an article in Healthcare IT News on healthcare data privacy and security, there have been numerous data breach incidents over recent years who sensitive patient information http://www.secuobs.com/revue/news/179791.shtmlhttp://www.secuobs.com/revue/news/179791.shtml Secuobs.com : 2010-01-08 03:07:28 - Identity Theft and Data Breach News ID Experts Corporate Blog - As this comic strip illustrates, we can be our own worst enemy when it comes to exposing ourselves to risks of identity theft and crime Increasingly, scammers will provide you with significant valid information such as your name, credit card number and issuing bank in order to gain your trust and solicit additional information such http://www.secuobs.com/revue/news/179458.shtmlhttp://www.secuobs.com/revue/news/179458.shtml Secuobs.com : 2010-01-06 03:39:00 - Identity Theft and Data Breach News ID Experts Corporate Blog - An article today in iHealthbeat titled Innovation Inspired by Economics 2010 Health IT Forecast discusses trends and expectations for growth in healthcare information technologies despite the financial issues faced by many US healthcare providers currently Necessity being the mother of invention, a constrained economic environment will lead to health IT innovations in two ways First, lower http://www.secuobs.com/revue/news/178621.shtmlhttp://www.secuobs.com/revue/news/178621.shtml Secuobs.com : 2009-12-21 23:55:54 - Identity Theft and Data Breach News ID Experts Corporate Blog - Thanks to Healthcare Professionals Live for highlighting this article and the important questions it highlights I was wondering about why there have yet to be any healthcare data breaches posted on the Health and Human Services HHS Office of Civil Rights OCR website Because there have been a number of substantial incidents reported in the press since http://www.secuobs.com/revue/news/174716.shtmlhttp://www.secuobs.com/revue/news/174716.shtml Secuobs.com : 2009-12-16 18:02:25 - Identity Theft and Data Breach News ID Experts Corporate Blog - Through twitter, we connected with the good people at Broadband for America to bring you this article about three common online identity theft myths Thanks to identity theft awareness programs, many people are now exercising increased caution when online Most folks understand the danger in revealing too much personal information on the Internet, or falling http://www.secuobs.com/revue/news/172873.shtmlhttp://www.secuobs.com/revue/news/172873.shtml Secuobs.com : 2009-12-16 04:00:42 - Identity Theft and Data Breach News ID Experts Corporate Blog - In a recent post, I was wondering about why there have yet to be any healthcare data breaches posted on the Health and Human Services HHS Office of Civil Rights OCR website Because there have been a number of substantial incidents reported in the press since the notification requirement under the HITECH Act went into effect, http://www.secuobs.com/revue/news/172564.shtmlhttp://www.secuobs.com/revue/news/172564.shtml Secuobs.com : 2009-12-16 04:00:42 - Identity Theft and Data Breach News ID Experts Corporate Blog - Just in Santa retains ID Experts to provide breach remediation assistance http://www.secuobs.com/revue/news/172563.shtmlhttp://www.secuobs.com/revue/news/172563.shtml Secuobs.com : 2009-12-07 23:45:35 - Identity Theft and Data Breach News ID Experts Corporate Blog - When holidays around the corner, the amount of fraudulent activity tends to increase As we all know, the most important aspect of stopping fraud is reporting it immediately Unfortunately, the holidays also mean that many financial institutions and companies are closed in observation While many banks provide a 24 7 support year-round for reporting cards lost http://www.secuobs.com/revue/news/169395.shtmlhttp://www.secuobs.com/revue/news/169395.shtml Secuobs.com : 2009-11-24 22:53:08 - Identity Theft and Data Breach News ID Experts Corporate Blog - It is unfortunate that while we have very clear rights to access and correct our financial records, we don t have similar rights when it comes to our medical records While this hasn t been a high level concern for patients up until now, because the majority of fraud thus far has mostly impacted the healthcare insurers, http://www.secuobs.com/revue/news/164842.shtmlhttp://www.secuobs.com/revue/news/164842.shtml Secuobs.com : 2009-11-24 03:44:08 - Identity Theft and Data Breach News ID Experts Corporate Blog - Since the HITECH Act data breach notification provisions became effective this past September 23, 2009, I d recently become curious about the number and nature of data breaches that would start to appear on the website at the Department of Health and Human Services HHS The HHS Rules require healthcare organizations specifically HIPAA covered entities to report http://www.secuobs.com/revue/news/164358.shtmlhttp://www.secuobs.com/revue/news/164358.shtml Secuobs.com : 2009-11-23 23:26:43 - Identity Theft and Data Breach News ID Experts Corporate Blog - HIMSS Analytics this past week released a study titled Evaluating HITECH s Impact on Healthcare Privacy and Security that looks at healthcare providers and their business associates, relative to their awareness of the HITECH Act s data breach provisions, as well as their experience with data breach incidents and concerns about preparedness and compliance with HITECH Act http://www.secuobs.com/revue/news/164234.shtmlhttp://www.secuobs.com/revue/news/164234.shtml Secuobs.com : 2009-11-04 22:10:00 - Identity Theft and Data Breach News ID Experts Corporate Blog - September 23, 2009 marked a major milestone for patient rights That is when the new Health Information Technology for Economic and Clinical Health HITECH Act took effect, requiring healthcare organizations to take more responsibility for protecting patient records and health information The HITECH Act seeks to streamline healthcare and reduce costs through the use of health http://www.secuobs.com/revue/news/157440.shtmlhttp://www.secuobs.com/revue/news/157440.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - The HITECH Act will have far reaching impact on most healthcare providers due to requirements related to data breach notification An area of complexity that may not be initially obvious was recently noted in an article by Rebecca Herold titled Is this a Breach under the HITECH Act Definition This article highlights the gray areas that http://www.secuobs.com/revue/news/157020.shtmlhttp://www.secuobs.com/revue/news/157020.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - A recent article in the Wall Street Journal titled New Epidemic Fears Hackers highlights the dark side of the movement towards putting our personal medical and healthcare records online There is 29 billion in the Stimulus Bill that is targeted towards hospitals and other healthcare providers for the implementation of electronic healthcare record systems We are http://www.secuobs.com/revue/news/157019.shtmlhttp://www.secuobs.com/revue/news/157019.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - As discussed in prior posts, healthcare organizations will be required to comply with new, strict breach notification provisions laid out in the HITECH Act which was passed as part of the Stimulus Bill earlier this year by Congress Because not only HIPAA covered entities will be affected by this, but also their business associates as http://www.secuobs.com/revue/news/157018.shtmlhttp://www.secuobs.com/revue/news/157018.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - I noticed today that the email address we have set up to take inquires and message regarding our twitter account has been hit with a few spam emails that clearly phishing emails I thought I would share them here for your amusement and enjoyment Please do NOT click on any links or visit these websites http://www.secuobs.com/revue/news/157017.shtmlhttp://www.secuobs.com/revue/news/157017.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - The Department of Health and Human Services issued its Interim Final Rule on August 19, 2009 outlining the obligations of healthcare organizations regarding data breach incident notification as directed by the HITECH Act passed earlier this year This rule clarifies the defintion of data breach as the unauthorized acquisition, access, use or disclosure of protected health http://www.secuobs.com/revue/news/157016.shtmlhttp://www.secuobs.com/revue/news/157016.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - Starting September 23, 2009, healthcare organizations covered by HIPAA and the HITECH Act will be required, in the case of data breach incidents where personal health information PHI is improperly exposed, to notify both the individuals affected by the breach as well as the federal government, who will post this information publicly The data breach notification http://www.secuobs.com/revue/news/157015.shtmlhttp://www.secuobs.com/revue/news/157015.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - In recent months, with the continued growth in highly public data breach incidents, we began looking at how organizations assess their level of exposure to data breach risk I suspect if you ask the CEO of most public companies or public sector organizations about their level of risk, that they would tell you that they http://www.secuobs.com/revue/news/157014.shtmlhttp://www.secuobs.com/revue/news/157014.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - There appears to be some level of controversy that has been stirred up in a less followed area of the healthcare debate than single payer, that associated with the privacy of health information The Department of Health and Human Services just released its rules for healthcare organizations to follow the data breach notification provisions of http://www.secuobs.com/revue/news/157013.shtmlhttp://www.secuobs.com/revue/news/157013.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - Recently headlines have included the alarming news that the personal login information for thousands of Hotmail accounts was posted online While an investigation is being conducted, experts have urged anyone with a Hotmail account to change their password immediately Many experts also recommend that if you use that account in conjunction with other accounts, such http://www.secuobs.com/revue/news/157012.shtmlhttp://www.secuobs.com/revue/news/157012.shtml Secuobs.com : 2009-11-04 06:01:09 - Identity Theft and Data Breach News ID Experts Corporate Blog - Because data breaches have become such commonplace incidents, there is concern that people have become desensitized to the potential harm they face when receiving a notification letter from an organization that they ve trusted with highly personal information, that this information has been lost or misappropriated A recently published report from Javelin Strategies should be a wake http://www.secuobs.com/revue/news/157011.shtmlhttp://www.secuobs.com/revue/news/157011.shtml