The Presumption of Innocence Podcast: Episode 3 - The Science of Modern Digital Forensics
Report on Patient Privacy 20, no. 1 (January 2020) - ? A cybersecurity breach temporarily halted cancer radiation treatment services at the Cancer Center of Hawaii on Oahu,[1] the center said. The center, which provides...more
Report on Research Compliance 17, no. 1 (January 2020) - Ah, those pesky residents. If you’re a teaching hospital, you can’t live without them, right? But sometimes living with them is mighty costly, as the University of...more
The American Institute of CPAs (AICPA), has released a risk management reporting framework intended to "establish a common, underlying language for Cybersecurity risk management reporting — almost akin to US GAAP or IFRS...more
In the first known case involving a wireless provider, a cardiology service provider agreed to pay a $2.5 million settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI)....more
The U.S. Court of Appeals for the Third Circuit has vacated a district court's dismissal of a data breach class action filed against Horizon Healthcare Services Inc., in the wake of the 2013 theft of two computer laptops...more
The New Hampshire Department of Health and Human Services has notified up to 15,000 patients of its psychiatric hospital (New Hampshire Hospital) that their names, addresses, Social Security numbers, Medicaid ID numbers and...more
The U.S. Navy has revealed that it has been notified by one of its vendors that a laptop of the contractor was the source of a data breach that compromised the names and Social Security numbers of 134,386 current and former...more
I have been doing a lot of live employee training lately. I really enjoy it, and have been told that it is some of the most entertaining training around. The reason why I can get the audience to laugh is because I tell real...more
Federal regulators announced last week that Illinois’ largest hospital chain would pay $5.5 million, a record payment under the Health Insurance Portability and Accountability Act (HIPAA), in connection with three 2013 data...more
Oregon Health & Science University (OHSU) has agreed to settle alleged HIPAA violations involving two separate data breaches with the Office for Civil Rights (OCR) for $2.7 million. In the span of three months in 2013,...more
Carrie, A couple of weeks ago, you wrote me about an employee who will be engaging in a six-month temporary assignment around Europe to scope market opportunities. The employee was Abbie Absent-Minded. Well, we hit a...more
Last week, UCLA notified 1242 patients that their health information may have been compromised in July when a faculty member’s laptop was stolen. UCLA has notified the patients, the Office for Civil Rights and the California...more
On July 10, 2015, the United States Department of Health and Human Services Office for Civil Rights (OCR) announced its second settlement of the year for violations of the Health Insurance Portability and Accountability Act...more
St. Elizabeth’s Medical Center (SEMC), a tertiary care hospital based in Brighton, Mass., agreed to pay $218,400 to address deficiencies in its HIPAA compliance activities. The SEMC settlement continues a pattern of...more