TeleMental Health Blog

0

Medical Device Security

Managing Technology: Medical Device Security 200,000 Systems Shutdown by Ransomware Attack In May 2017, a hacking tool was used to access 200,000 Windows systems in hospitals. The hack affected a Bayer Medrad medical device that improves medical imaging for radiology …

0

Incident Response

Touchstone Medical Fined $3 Million for Delayed Incident Response Touchstone Medical Imaging (TMI) experienced a data breach affecting 307,000 patients. A misconfigured server exposed patient information, making it searchable through Google’s search engine. The Department of Health and Human Services’ …

0

Vulnerability Management

Vulnerability Management – $150,000 Fine Issued for Unpatched Software Anchorage Community Mental Health Services (ACMHS) failed to implement software patches resulting in a breach that affected approximately 2,700 patients. The vulnerability in their system could have been addressed by software …

0

Network Management

$418,000 Fine Issued for Poor Network Management Virtua Medical Group (VMG), based in New Jersey, compromised the PHI of 1,650 individuals as the result of a misconfigured server. A vendor of Virtua updated software on a website that stored documents. …

0

HIPAA Asset Management

Lost Laptop Puts 1,500 Patients at Risk — Pointing to Need for HIPAA Asset Management An employee of Philadelphia’s Department of Behavioral Health and Intellectual Disability Services (DBHIDS) lost an unencrypted laptop on public transportation. The laptop contained the PHI …

0

Data Loss Prevention

Data Protection (Part V): Data Loss Prevention Patient Data Loss as a Result of Ransomware Attack FABEN Obstetrics and Gynecology was the vicitim of a ransomware attack that infected servers containing patient files from January 2007 through April 2017. A …

0

Access Management

Limiting PHI Exposure (Part IV): Access Management What is Access Management? As part of the HIPAA Privacy Rule, user access to PHI must be restricted to the “minimum necessary” that allows the individual to perform his or her job functions. …