The Department of Veterans Affairs has taken steps to help ensure thumb drives lacking encryption cannot be plugged into its computers. The move comes following the discovery of an unencrypted drive containing personal information on veterans.
A Florida hospital is notifying approximately 40,000 of its emergency room patients about a breach incident involving stolen paper records that it believes might have affected about 1,500 of those patients.
Healthcare organizations need to improve the methods they use to objectively assess the severity of a security incident and whether it should be reported to comply with the HITECH Act's breach notification rule, one privacy officer says.
In the year since the breach notification rule for personal health records took effect, no major breaches affecting 500 or more individuals have been reported, according to the Federal Trade Commission.