It’s a late Saturday morning and Joe Hacker (aka WF4EAK in underground hacking circles) fires up the software-defined radio(SDR) he bought online for $20 to listen in on the local hospital paging traffic. After all, he is trying to make a few extra bucks to buy a new Xbox, and selling healthcare information on the black… Read More
In new joint guidance released from the Federal Trade Commission (FTC) and U.S. Department of Health and Human Services Office for Civil Rights (OCR), HIPAA covered entities and business associates are reminded that they are subject to enforcement of both HIPAA regulations and deceptive business practices under the FTC Act. A covered entity or business… Read More
Earlier this year, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued guidance indicating that, under most circumstances, a ransomware attack constitutes a reportable HIPAA breach. During a ransomware attack, protected electronic health information (ePHI) is considered breached because an unauthorized individual has control of the information. In their… Read More