Navigation Links
In the Wake of Significant Security Breaches, Expert Urges Proactive Approach to Identifying Compromised PHI in AIS Newsletter

Washington, DC (PRWEB) April 08, 2015

In the wake of massive data breaches at Premera Blue Cross and Anthem Inc., the imperative is on HIPAA covered entities (CEs) to figure out posthaste whether their protected health information (PHI) is already compromised, advises John Gomez, founder and CEO of the cybersecurity firm Sensato, Inc., and former chief technology officer of Allscripts Healthcare Solutions and WebMD, in the April issue of Atlantic Information Services, Inc.’s (AIS) Report on Patient Privacy. The breaches have affected more than 90 million individuals.

The two attacks share certain hallmarks, one of which is that the perpetrators entered the systems and lay in wait for a year or more before extracting any data, RPP reported. Attackers may breach the systems in more than one way, including through phishing, which involves tricking unsuspecting users into entering their credentials into a mirror website run by the hackers, which was the case in both the Anthem and Premera attacks. Recognizing the “patient” nature of the attackers, it is possible CEs are already compromised and just don’t know it yet, says Gomez.

All breaches provide an opportunity for soul-searching and “lessons learned” for HIPAA CEs and their business associates (BAs) to help them prevent their organizations from suffering a similar fate. The first thing that CEs and BAs should be doing is penetration testing and other activities, and Gomez emphasizes that the “human element” in compliance should not be overlooked. He points out that the Anthem attack was discovered by a system administrator who realized someone was already logged in as him. There are technological fixes that can prevent, or at least track, such double-logins, he says. Penetration testing and vulnerability testing should be done, Gomez says, to see where there may be holes.

Another essential, Gomez tells RPP, is “establishing a level of security and service quality” within the CEs’ and BAs’ vendors and subcontractors, and institute steps that ensure security, even at the risk of upsetting users.

HIPAA officers also need to convince their board of directors to approve the dollars when funds are needed for IT investments, he says, putting aside any fears of being the bearer of bad news.

Visit to read the article in its entirety.

About Report on Patient Privacy
Report on Patient Privacy is the health industry’s #1 source of timely news and business strategies for safeguarding patient privacy and data security. Published for hospitals and other providers, health plans and other HIPAA-covered entities and business associates, the 12-page newsletter focuses on privacy issues that can result in huge fines, penalties and public relations nightmares, including: security breach notification; business associate relations and agreements; and new federal privacy rules for marketing, fundraising, privacy notices, minimum necessary, patient rights and safeguarding privacy in EHRs. Visit for more information.

About Atlantic Information Services
Atlantic Information Services, Inc. (AIS) is a publishing and information company that has been serving the health care industry for more than 25 years. It develops highly targeted news, data and strategic information for managers in hospitals, health plans, medical group practices, pharmaceutical companies and other health care organizations. AIS products include print and electronic newsletters, websites, looseleafs, books, strategic reports, databases, webinars and conferences. Learn more at

Read the full story at

Source: PRWeb
Copyright©2015 Vocus, Inc.
All rights reserved

Related medicine news :

1. SDIX, LLC, an OriGene Company, Achieves Significant Milestone with ISO 13485:2003 Certification
2. Momentum Toward Value-Based Payment in Hospitals Growing Significantly, New Surveys Find
3. Sports Medicine Specialist Weighs In on Wesley Matthew’s Significant Tendon Injury; Can it be Prevented?
4. New Report Connects Reform of New Jersey’s Out-of-Network Health Care Regulations to Significant Costs Savings for State Residents
5. Sanuthera Study Results Show Significant Improvement in Tinnitus Symptoms
6. CPMC Research Institute finds New Regimen Provides Significant Survival Benefit in Advanced Ovarian Cancer
7. Global Sports Medicine Devices Market Benefitting from Significant Contribution from Arthroscopy Segment: MarketResearchReports.Biz
8. Charles E. Holman Foundation Announces Publication of New, Significant Medical Paper on Morgellons Disease
9. Breast Cancer Chemo Tied to Small But Significant Leukemia Risk
10. Physicians in China See Most Significant Demand for MabThera Biosimilar
11. Out-of-Network & Medical Necessity Reviews among Top Ways TPA Identifies Significant Medical Claim Savings
Post Your Comments:
(Date:8/14/2019)... (PRWEB) , ... August 14, 2019 , ... While it ... of how their food and beverage choices can help them manage and, in some ... Group. NPD finds that about a quarter of U.S. adults are trying to manage ...
(Date:8/12/2019)... PEMBROKE PINES, Fla. (PRWEB) , ... August 12, 2019 , ... ... at 15757 Pines Boulevard #315 in Pembroke Pines, Florida 33027. For over 25 years, ... grease trap cleaning and septic tank pumping services . Eco Pump’s steady ...
(Date:8/12/2019)... ... ... Parents craving a nutritious and delicious snack for their kids have a new ... need. IsaKids® Super Smoothie is one of three products launched yesterday at Isagenix ... company also debuted Organic Greens, an updated version of its Isagenix Greens™, and a ...
(Date:8/12/2019)... ... August 12, 2019 , ... Injured veterans from across the ... the 4th annual Lockton Warfighter Sports Charity Challenge being held on September 9 ... in the event again this year will be fifty wounded warfighters and Craig ...
(Date:8/9/2019)... , ... August 09, 2019 , ... The Los ... class action complaint alleging that Mrs. Gooch's Natural Food Markets, Inc., failed to provide ... Mrs. Gooch's Natural Food Markets, Inc., class action lawsuit, Case No. 19STCV26728, is currently ...
Breaking Medicine News(10 mins):
(Date:8/14/2019)... ... August 13, 2019 , ... ... live and age together through the power of play, is proud to announce ... the 2019 Caregiver Friendly® Awards. Today’s Caregiver, the first national magazine for all ...
(Date:8/12/2019)... Fla. (PRWEB) , ... August 12, 2019 , ... ... based in Orlando, Florida. Considered a chief authority in the field of cosmetic ... USA Today turned to Dr. Spence for his knowledge and expertise ...
(Date:8/12/2019)... ... August 12, 2019 , ... Innovators and startup companies ... until Aug. 19, 2019 to apply for the $150K “Make Your Medical Device ... Innovation (NCC-PDI). The competition will be held Sunday, Sept. 22 in Boston, Mass. in ...
Breaking Medicine Technology: