
Jeff over at HIPAA Blog has some Wi-Fi and HIPAA Integration guidelines, courtesy of Hospital Compliance Wire:

1. Make sure the wi-fi access for your patients is separate from your clinical information systems. It should operate as if the wi-fi access route was operated by the business next door. Remember, even if your clinical systems aren’t wireless now, they may be in the future, so you definitely want to keep “customer” access separate from “employee” access.

2. Use a static portal as your log-in rules of the road. Have wi-fi access go through that portal page first, and include on it your rules for patient access. Remind patients to respect others in the waiting room and be considerate about what they are accessing (porn, gambling, rap music, you get the idea). When listing terms and conditions, give examples.

3. Make sure your signal isn’t so strong that it allows access to people outside your office. You may find some big bandwidth costs if someone camps onto your wi-fi from your parking lot.

4. Monitor wireless use. The worst thing you could do is install wi-fi and not monitor it, only to find that a patient or visitor has used your wi-fi to hack into your systems. Look for loopholes and trouble spots. Malicious visitors are always looking for weak spots, and technology constantly changes to invent new ways to breach old security measures.
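Points 1 and 4 above (keep patient access separate, and monitor it) go together: segmentation is only as good as the evidence that it holds. The following is an added example, not code from HIPAA Blog or Hospital Compliance Wire, showing one way to check firewall flow logs for the two things a practice would want to know: whether any guest-network traffic was actually allowed into the clinical network (the segmentation is broken), and which guest hosts tried and were denied (the segmentation held, but someone is probing). The subnets, the log format and the log lines are all constructed for the example.

```python
import ipaddress
from collections import Counter

# Hypothetical network layout (constructed for this example): the patient
# Wi-Fi lives on its own subnet and the clinical systems on another.
GUEST_NET = ipaddress.ip_network("192.0.2.0/24")      # patient wi-fi (documentation range)
CLINICAL_NET = ipaddress.ip_network("10.10.0.0/16")   # clinical information systems

# Constructed sample firewall flow log: timestamp, source, destination, port, action.
SAMPLE_LOG = """\
2005-06-01T10:01:02 192.0.2.17 203.0.113.5 443 ALLOW
2005-06-01T10:01:05 192.0.2.17 10.10.4.20 445 ALLOW
2005-06-01T10:01:09 192.0.2.33 10.10.4.20 3389 DENY
2005-06-01T10:02:11 192.0.2.33 198.51.100.9 80 ALLOW
2005-06-01T10:02:40 10.10.1.5 10.10.4.20 1433 ALLOW
"""


def parse_flow(line):
    """Split one log line into a dict; addresses are parsed so subnet tests work."""
    ts, src, dst, port, action = line.split()
    return {
        "ts": ts,
        "src": ipaddress.ip_address(src),
        "dst": ipaddress.ip_address(dst),
        "port": int(port),
        "action": action,
    }


def guest_to_clinical_flows(log_text):
    """All flows from the guest subnet toward the clinical subnet, allowed or denied."""
    flows = [parse_flow(l) for l in log_text.splitlines() if l.strip()]
    return [f for f in flows if f["src"] in GUEST_NET and f["dst"] in CLINICAL_NET]


def segmentation_violations(log_text):
    """Guest-to-clinical flows the firewall ALLOWED: the separation itself has a hole."""
    return [f for f in guest_to_clinical_flows(log_text) if f["action"] == "ALLOW"]


def probing_guests(log_text):
    """Guest hosts whose clinical-bound attempts were DENIED, with attempt counts."""
    denied = (f for f in guest_to_clinical_flows(log_text) if f["action"] == "DENY")
    return dict(Counter(str(f["src"]) for f in denied))


if __name__ == "__main__":
    for f in segmentation_violations(SAMPLE_LOG):
        print(f"SEGMENTATION BROKEN: {f['src']} -> {f['dst']}:{f['port']} allowed at {f['ts']}")
    for host, n in probing_guests(SAMPLE_LOG).items():
        print(f"guest host {host} probed the clinical network {n} time(s) and was denied")
```

Run against real exports, the first list should stay empty; a single entry there means the patient network is not, in fact, "operated by the business next door". The second list is the routine monitoring item 4 asks for, and it is worth reviewing even when the count is small.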

I wouldn’t be surprised if there were many doctor’s offices around the country who have installed Wi-Fi networks but failed to secure them.

Hackers beware though – the fines / penalties for violating medical privacy rights could be much stiffer than your average hack target.

Jeff over at HIPAA Blog writes:

A strong statement on the Uninsured Billing Class Action Suits: a Federal judge in Beaumont, Texas threw out one of the suits (not a Scruggs suit, though) with a strong, strong statement. As stated in Modern Healthcare’s daily emails: “A judge dismissed a federal lawsuit over uninsured-patient billing against Christus Health, Dallas, and related organizations, saying, “The plaintiff cannot prevail on any of her claims under any imaginable theory.” U.S. District Judge Howell Cobb in Beaumont, Texas, dismissed the lawsuit with prejudice on all counts and criticized a wave of similar suits filed against hospitals and health systems nationwide. “The bleeding must stop,” Cobb said in his opinion.” Of course, I have high regard for Judge Cobb, based primarily on the well-known quality of his clerks.

My favorite line: “plaintiff cannot prevail on any of her claims under any imaginable theory.”

Now that’s a judge you don’t want to mess with!

Just came across an alarming article about how spyware / wormware writers are using professional software development methods to craft Internet worms.

Gregg Keizer reports:

A pair of research reports have explored the long-running Bagle worm and laid out a chronology that points to a professional developer who, like counterparts in the commercial software world, is constantly testing, tweaking, and improving his code for profit, not pride of ownership.
The Bagle worm debuted in mid-January 2004, and according to most anti-virus firms, has been spotted in 60 to 100 variations since then. It’s also usually credited with starting the malware-for-profit movement among hackers, who prior to the ground-breaking worm, typically were motivated by notoriety.

Jason Gordon, an analyst with security research firm infectionvectors.com by night, a security consultant to Department of Defense clients by day, spent the last year watching each edition of Bagle, and recently completed the final third of a three-part report.

“In the year since its release,” he wrote in that report, “Bagle has had a major impact on the Internet” primarily because it was, and remains, “a leader in the nefarious Web economy of spamming, phishing, and stealing passwords.”

Read more here

The privacy spot reports:

According to the Houston Chronicle, Christus St. Joseph Hospital sent approximately 16,000 letters to patients informing them that a computer stolen in a burglary earlier this year may have contained some of their medical records and Social Security numbers. According to the hospital letters, the only patient files affected, to their knowledge, are files for patients treated in the “emergency department in 2004, patients who sought outpatient services in radiology, sports medicine and rehabilitation from August through September 2003 and April through June 2004, and patient charts from 2001.”

Read more here

Just catching up on a bit of HIPAA / Healthcare / Privacy news of late.

Seems IBM announced that it was acquiring Healthlink, the largest U.S. consulting firm dedicated to the health-care industry.

Rochelle Garner of CRN reports:

IBM announced Tuesday that it will buy Healthlink, the largest U.S. consulting firm dedicated to the health-care industry. The acquisition gives IBM Global Services the domain expertise of Healthlink’s 550-person professional organization, including 300 physicians, nurses and pharmacists. Terms of the deal were not disclosed.

The acquisition is the second in one week in which a large IT consulting company acquired the health-care expertise of another. Last week, Accenture paid $175 million to buy the U.S. health-care practice of Capgemini. The 600 North American employees of Europe’s largest consulting company will join Accenture’s Health and Life Sciences practice in North America, the companies said. Paris-based Capgemini will retain its outsourcing contracts with U.S. health-care clients as well as continue health-care consulting in the federal public sector.