Posts Tagged ‘Information Security’
Wednesday, January 10th, 2007
Today I received notice that the Centers for Medicare & Medicaid Services (CMS) just issued a new publication, “Security Guidance for Remote Use,” which is actually dated 12/28/2006.
“This document is intended to provide HIPAA covered entities with general information on the risks and possible mitigation strategies for remote use of Electronic Protected Health Information (EPHI).”
(more…)
Tags:awareness and training, CMS, encryption, government, HIPAA, Information Security, IT compliance, patient privacy, policies and procedures, privacy
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »
Wednesday, January 10th, 2007
On January 4th the 110th U.S. Congress convened for the first time, and they did not waste any time introducing many new bills. 12 of them have privacy impacts. You can find more information about each of these at the THOMAS (Library of Congress) site. However, as of today (1/10/2007), the full texts for most of these bills are not yet available online.
From the Senate:
(more…)
Tags:awareness and training, data protection law, education, employment, government, Information Security, internet, IT compliance, privacy, social security numbers, surveillance, telecommunications, travel
Posted in government, Laws & Regulations, Privacy and Compliance | 2 Comments »
Monday, January 8th, 2007
Tags:awareness and training, government, identity fraud, identity theft, Information Security, IT compliance, privacy, Swift
Posted in identity theft, Privacy and Compliance | 1 Comment »
Friday, January 5th, 2007
Today I read a story appearing in the Des Moines Register, “Computer breach at UNI exposes some personal data,” about a breach that occurred at one of my alma maters, the University of Northern Iowa.
It bothered me the nonchalant way in which a computer breach was described as being “a pretty typical breach” by the Assoc. VP for Information Technology.
It makes it sound as though such breaches are to be expected. If appropriate safeguards are in place, though, these types of breaches should not occur.
(more…)
Tags:awareness and training, computer breach, Information Security, IT compliance, privacy, privacy breach
Posted in Information Security, Privacy Incidents | No Comments »
Thursday, January 4th, 2007
Yesterday (January 3) Michigan’s governor, Jennifer M. Granholm, signed a new identity theft and breach notification law, SB 309.
“Today’s technology has taken commerce and communication to new heights, but it also puts citizens at additional risk of identity theft as ever-increasing amounts of personal information are stored and transmitted electronically,” Granholm said. “While I am pleased to sign legislation that provides critical information to consumers, we must do more to provide our citizens with the tools they need to truly protect themselves.”
(more…)
Tags:awareness and training, breach notice law, identity theft, Information Security, IT compliance, Michigan, privacy, privacy breach
Posted in Laws & Regulations, Privacy and Compliance | 2 Comments »
Wednesday, January 3rd, 2007
On December 19, 2006, a computer systems administrator, Andy Lin, for Medco Health Solutions, Inc. was indicted by a federal grand jury in the U.S. District Court for the District of New Jersey for attempting to disable his employer’s corporate computer servers through the use of a concealed malicious software program.
Today (January 3) Lin is being arraigned. If convicted, he could get 20 years in prison and a fine of $500,000; $250,000 for each of the two charges.
(more…)
Tags:awareness and training, Information Security, insider threat, IT compliance, logic bomb, privacy, privacy breach
Posted in Information Security | No Comments »
Tuesday, January 2nd, 2007
I ran across an interesting news report, “Nissan data leak puts 5 million at risk.”
I was surprised I did not see this report on any of the U.S. news sites. The report is very vague. It just indicates a “leak” occurred between May 2003 and February 2004. A small excerpt:
(more…)
Tags:awareness and training, breach response, Information Security, IT compliance, NISSAN, privacy, privacy breach
Posted in Privacy and Compliance, Privacy Incidents | No Comments »
Friday, December 29th, 2006
A great article was published on Law.com today written by Ryan Sulkin, “First Line of Defense Against Data Security Breaches: Employees.”
There are several points made that I hope business leaders read and take to heart.
(more…)
Tags:awareness and training, FFIEC, FTC, GLBA, government, HIPAA, Information Security, IT compliance, PCI, privacy
Posted in Information Security, Laws & Regulations, Privacy and Compliance | No Comments »
Thursday, December 28th, 2006
The Pittsburgh Post-Gazette ran an interesting story today, “Spread of records stirs fears of privacy erosion.”
Basically this describes the trials and tribulations of a woman who was denied disability benefits from her insurer following a car accident because of notes made by her psychologist. Reportedly the psychologist's notes were intermingled with her general medical records.
(more…)
Tags:awareness and training, government, HIPAA, Information Security, IT compliance, patient privacy, privacy
Posted in Laws & Regulations, Privacy and Compliance, Privacy Incidents | No Comments »