What are the Security Requirements for HIPAA Compliant Emails?

Security Rule (§164.306)

(a) Encryption: Secure email containing PHI from end to end. Consult the National Institute of Standards and Technology (NIST) for advice on the latest and most suitable standards for email services.

(b) Email Phishing Protection: Technology can include email filters and spam protection systems that help detect and block phishing emails before they reach the user’s inbox. Anti-phishing software solutions can detect and block phishing attempts by analyzing web traffic and identifying malicious websites designed to steal user credentials.

(c) Spam Protection: Email spam protection is a system designed to detect and block unwanted or potentially harmful email messages from reaching a user’s inbox.

(d) Virus Protection: Installed on email servers and user devices, virus protection solutions scan emails, including attachments and links, for viruses. The software is automatically updated with the latest virus definitions to protect against new threats and provide continuous monitoring and real-time protection of email traffic.

(e) Ransomware Protection: Ransomware security protection involves a range of measures and tools designed to prevent, detect, and respond to ransomware attacks. In addition to the antivirus software, phishing detection, spam filters, and email filtering discussed above, ransomware protection includes endpoint protection, which monitors and secures individual devices, along with the entire network of devices, against ransomware attacks.

UHC Major Data Breach

Just four months after the Change Cyberhack, UnitedHealth Care is hit again. 

Community Health Centers (CHC) has disclosed a major data breach. CHC has revealed that a “substantial quantity of data” was stolen, impacting a “substantial proportion of people in America.” UnitedHealth’s CEO Andrew Witty estimated one-third of all Americans have been affected by the breach. That is over 111 million people.

“While CHC cannot confirm exactly what data has been affected for each impacted individual, information involved may have included contact information (such as first and last name, address, date of birth, phone number and email. 

This means that millions of individuals could be at risk of identity theft and other forms of fraud.

UHC Notably Absent from Congressional Hearing

Quotes from Texas Medicine 4/19/2024, Emma Freer Article

“The attack has exposed the vulnerability in our health care system and the disproportionate burden placed on physician practices by insurers, government payers, and third-party vendors,” Dr. Bruggeman told lawmakers.

“The Change outage was disruptive to the business of my practice, but most importantly it was disruptive to my patients,” he said. “Every minute my staff spent trying to reconcile [electronic remittance advice] with received payments, assessing which patients received incorrect bills, [and] resubmitting prior authorizations is time taken away from patient care.”

“To add insult to injury, some of these practices were purchased by Optum during the crisis,” he said. “There were even reports of Optum using the financial emergency caused by the cyberattack on its own subsidiary as legal justification to expedite its acquisition of physician practices.” 

In the meantime, Dr. Bruggeman called on Congress to pass legislation that would insulate physician practices from industry consolidation and other existential threats. 

“Allowing physicians to practice in the setting that is best for them, their patients, and the broader community should be the hallmark of our United States health care system,” he said. “Instead, the increase in administrative burden, including the new threat of potential cyberattacks, makes such events catastrophic for many providers.”

For the full, very interesting article: https://www.texmed.org/TexasMedicineDetail.aspx?id=64062&utm_campaign=TMT&utm_medium=email&_hsenc=p2ANqtz-9E4jpFAqBr1fYThi6pjc3ECIrkJtF4-urerPcLF78JmZ4BixUPkxoA-ngiRvbPx06ORd5U2bsbiOEFK-CaqUP6-URb8jMZ6SEHyZL-aPXwfFmCQ9w&_hsmi=303492305&utm_content=303492305&utm_source=hs_email