Information Risk

Subscribe to Information Risk via RSS

News reports of security risks, hackings and breaches caused by individuals, terror groups or even countries around the world certainly are important and can be unsettling. But, for many organizations, including healthcare providers and business associates, a significant and perhaps more immediate area of data risk rests with an organization’s workforce members. An organization’s information

About two years ago, President Obama signed an executive order on the date that he delivered his State of the Union address which directed certain federal agencies to develop voluntary standards for achieving cybersecurity. Preparing for his 2015 State of the Union address, Bloomberg and other news outlets are reporting this morning that President Obama

As we reported, state Attorneys General have authority to enforce the privacy and security regulations under the Health Insurance Portability and Accountability Act (HIPAA), pursuant to the authority granted under the Health Information Technology for Clinical and Economic Health (HITECH) Act. Shortly after announcing plans to seek legislation requiring stronger protections for personal and

As we reported, there are a number of signs pointing to a significant tightening of regulation and increased enforcement of data security mandates. Following efforts in New Jersey, New York and Oregon, Indiana Attorney General Greg Zoeller announced his office is seeking legislation that would better protect the online personal and financial information

Some have called 2014 the “Year of the Data Breach.” That may be true given the steady stream of large-scale data breaches affecting tens of millions of individuals. We do not know if this time next year commentators will be saying the same thing about 2015, but there are signs pointing to a

As we’ve discussed previously, medical identity information is worth more than ten (10) times that of financial information on the black market. This gives hackers a financial incentive to obtain such information that is maintained not only by medical providers and pharmacies but also by employers who provide medical insurance coverage to their employees. Employers

After being hit with a data breach, the last thing a company might want is the scrutiny of the union representing its employees affected by the incident. When the data breach potentially affecting hundreds of thousands of United States Postal Service employees was reported, it was not long after that the American Postal Workers

According to the New York Times, Bellevue Hospital Center patient Craig Spencer, the first New Yorker to be infected with Ebola, is scheduled to be released today. And while the intense reporting about Ebola has subsided, perhaps indicating a lowering of the perceived threat of Ebola spreading further in the U.S. (although many continue

Healthcare providers continue to have challenges with responding to attorney requests for information and subpoenas. We highlighted some of these last year, along with some issues providers should be considering to help meet those challenges.  In this case, after the patient advised the provider not to disclose her PHI to her significant other, the