Navigation Links
In the Wake of Significant Security Breaches, Expert Urges Proactive Approach to Identifying Compromised PHI in AIS Newsletter

Washington, DC (PRWEB) April 08, 2015

In the wake of massive data breaches at Premera Blue Cross and Anthem Inc., the imperative is on HIPAA covered entities (CEs) to figure out posthaste whether their protected health information (PHI) is already compromised, advises John Gomez, founder and CEO of the cybersecurity firm Sensato, Inc., and former chief technology officer of Allscripts Healthcare Solutions and WebMD, in the April issue of Atlantic Information Services, Inc.’s (AIS) Report on Patient Privacy. The breaches have affected more than 90 million individuals.

The two attacks share certain hallmarks, one of which is that the perpetrators entered the systems and lay in wait for a year or more before extracting any data, RPP reported. Attackers may breach the systems in more than one way, including through phishing, which involves tricking unsuspecting users into entering their credentials into a mirror website run by the hackers, which was the case in both the Anthem and Premera attacks. Recognizing the “patient” nature of the attackers, it is possible CEs are already compromised and just don’t know it yet, says Gomez.

All breaches provide an opportunity for soul-searching and “lessons learned” for HIPAA CEs and their business associates (BAs) to help them prevent their organizations from suffering a similar fate. The first thing that CEs and BAs should be doing is penetration testing and other activities, and Gomez emphasizes that the “human element” in compliance should not be overlooked. He points out that the Anthem attack was discovered by a system administrator who realized someone was already logged in as him. There are technological fixes that can prevent, or at least track, such double-logins, he says. Penetration testing and vulnerability testing should be done, Gomez says, to see where there may be holes.

Another essential, Gomez tells RPP, is “establishing a level of security and service quality” within the CEs’ and BAs’ vendors and subcontractors, and institute steps that ensure security, even at the risk of upsetting users.

HIPAA officers also need to convince their board of directors to approve the dollars when funds are needed for IT investments, he says, putting aside any fears of being the bearer of bad news.

Visit to read the article in its entirety.

About Report on Patient Privacy
Report on Patient Privacy is the health industry’s #1 source of timely news and business strategies for safeguarding patient privacy and data security. Published for hospitals and other providers, health plans and other HIPAA-covered entities and business associates, the 12-page newsletter focuses on privacy issues that can result in huge fines, penalties and public relations nightmares, including: security breach notification; business associate relations and agreements; and new federal privacy rules for marketing, fundraising, privacy notices, minimum necessary, patient rights and safeguarding privacy in EHRs. Visit for more information.

About Atlantic Information Services
Atlantic Information Services, Inc. (AIS) is a publishing and information company that has been serving the health care industry for more than 25 years. It develops highly targeted news, data and strategic information for managers in hospitals, health plans, medical group practices, pharmaceutical companies and other health care organizations. AIS products include print and electronic newsletters, websites, looseleafs, books, strategic reports, databases, webinars and conferences. Learn more at

Read the full story at

Source: PRWeb
Copyright©2015 Vocus, Inc.
All rights reserved

Related medicine news :

1. SDIX, LLC, an OriGene Company, Achieves Significant Milestone with ISO 13485:2003 Certification
2. Momentum Toward Value-Based Payment in Hospitals Growing Significantly, New Surveys Find
3. Sports Medicine Specialist Weighs In on Wesley Matthew’s Significant Tendon Injury; Can it be Prevented?
4. New Report Connects Reform of New Jersey’s Out-of-Network Health Care Regulations to Significant Costs Savings for State Residents
5. Sanuthera Study Results Show Significant Improvement in Tinnitus Symptoms
6. CPMC Research Institute finds New Regimen Provides Significant Survival Benefit in Advanced Ovarian Cancer
7. Global Sports Medicine Devices Market Benefitting from Significant Contribution from Arthroscopy Segment: MarketResearchReports.Biz
8. Charles E. Holman Foundation Announces Publication of New, Significant Medical Paper on Morgellons Disease
9. Breast Cancer Chemo Tied to Small But Significant Leukemia Risk
10. Physicians in China See Most Significant Demand for MabThera Biosimilar
11. Out-of-Network & Medical Necessity Reviews among Top Ways TPA Identifies Significant Medical Claim Savings
Post Your Comments:
(Date:6/12/2019)... ... June 12, 2019 , ... Ovation Travel ... U.S., today announced that its Chairman and CEO Paul Metselaar has received the ... presented last Wednesday evening at New York City’s Capitale as part of the ...
(Date:6/12/2019)... , ... June 12, 2019 , ... ... significantly impacts their life, preventing them from participating in education or the workforce, ... will urge policymakers to recognize communication as a human right and address communication ...
(Date:6/11/2019)... (PRWEB) , ... June 11, 2019 , ... ... report on its recent workshop with government regulators, biopharma companies, and ... facioscapulohumeral muscular dystrophy (FSHD) . The Society is the world’s largest research-focused ...
(Date:6/6/2019)... CITY, Mo. (PRWEB) , ... June 05, 2019 ... ... accountable care, today announced the call for speaker proposals for its fourth annual ... in Scottsdale, Arizona. , The annual symposium brings together hundreds of health ...
(Date:6/6/2019)... ... ... The fourth annual event takes place on Saturday, June 8, at the Gulf Place Beach ... we feel it is important to be a positive influence in the community and connect ... along the Emerald Coast and we look forward to supporting this event each year,” said ...
Breaking Medicine News(10 mins):
(Date:6/13/2019)... ... June 13, 2019 , ... Recent lawsuits, including ... a back problem, underscore the responsibility of employers to provide reasonable accommodations to ... requests are reasonable and which are not - from requests by hearing-impaired and ...
(Date:6/13/2019)... Va. (PRWEB) , ... June 13, 2019 , ... The ... new executive director to succeed current executive director Nicholas Croce Jr., MS. The search ... of the Board of Directors, past APNA Presidents, and Council and Chapter leaders. , ...
(Date:6/13/2019)... ... June 13, 2019 , ... ... years of educating medical professionals and the public about non-invasive photobiomodulation (PBM) therapy ... in Orlando, Florida to help commemorate the milestone. , Also known ...
Breaking Medicine Technology: