Sensitive Data and the Pharmacy Industry

By Kat Sanders of Pharmacy Technician Certification

There is a surfeit of Information today, and although we have come up with ways and means to store them for eternity, we are still not able to ensure their security. Information is valuable only as long as it remains protected, and once in the hands of people who are likely to misuse it, it turns into a recipe for disaster.

ISR News: New HIPAA Security Rules Issued

Excerpts From AAFP.org

According to provisions in the legislation, physicians now will be required to track any disclosure of a patient’s medical information. Previous regulations allowed physicians to disclose patient information for the purpose of treatment, payment or health care operations, but they were not required to track when that information was disclosed.

HIPAA Privacy & Security Update Webinar

Press Release:

Catch up on the latest amendments, enforcement trends and other HIPAA Privacy & Data Security Rule developments by participating in the “HIPAA Privacy & Security Update Teleconference” on March 25, 2009 hosted by Solutions Law Press. Learn what you and your organization need to know to comply with new requirements and manage HIPAA compliance while getting valuable training that will help your organization document its efforts to comply with HIPAA’s training requirements.

ISR News: HIPAA and Your Health Records

Excerpts From Search Security

Healthcare is unique in that storage of electronic health records is highly distributed between primary care physicians, specialist doctors, hospitals, and insurance/HMO organizations. Information has to be efficiently shared among these entities with great sensitivity towards patient privacy and legitimate claims processing. Patients want to prevent over zealous employers from performing unauthorized background checks on medical history; claim processors want to prevent paying fraudulent claims arising from targeted patient identity theft.

ISR News: HIPAA Has New Teeth

Excerpts From SearchSecurity.com

CVS Caremark Corp has agreed to pay $2.25 million to settle a federal investigation into allegations that it violated HIPAA privacy regulations when pharmacy employees threw items such as pill bottles with patient information into the trash.

• Categories

  • Anthony M. Freed (26)
  • Bill Brenner (2)
  • Bob Violino (1)
  • Bozidar Spirovski (23)
  • Breach (540)
  • Britt Womelsdorf (5)
  • By Dr. InfoSec (2)
  • Cara Garretson (7)
  • CCCNews (1)
  • Chorey Taylor & Feil (8)
  • Christophe Veltsos (2)
  • Christopher Burgess (7)
  • CIOZone (26)
  • Class Action Lawsuit (111)
  • Cloud computing (113)
  • Coby Royer (5)
  • CTO Forum (9)
  • D&O Liability (601)
  • Daniel Wallace (5)
  • Danny Lieberman (11)
  • DataLine (10)
  • David Alexander (2)
  • Derek Crawford (1)
  • Doug Pollack (7)
  • due diligence (310)
  • Fame Foundry (1)
  • FEATURE ARTICLE (428)
  • Financial (587)
  • Fred Leland (7)
  • Gene Kim (3)
  • Government (373)
  • Greg George (5)
  • H1N1 (15)
  • hackers (539)
  • healthcare (134)
  • Heather Bourgoin (1)
  • HomeATM (8)
  • identity-theft (535)
  • IDExperts (17)
  • Ike Z. Devji (1)
  • Infosec Island Network (38)
  • Insider Threat (490)
  • Internet Crime Complaint Center (1)
  • Internet Security Alliance (71)
  • ISR News (321)
  • Jacqueline Herships (2)
  • Jenni Hesterman (3)
  • John M. Salomon (2)
  • John Watkins (7)
  • John-Patrick Skaar (2)
  • Kaliber Data Security and Compliance Consultants (3)
  • Kat Sanders (2)
  • Ken Leeser (3)
  • Kevin L. Jackson (10)
  • Kevin M. Nixon (21)
  • Larry Ketchersid (1)
  • Laton McCartney (7)
  • Lauren Taylor (1)
  • Linda McGlasson (1)
  • malware (501)
  • Mark Smail (1)
  • Mark Wright (1)
  • Mel Duvall (3)
  • Michael Eggebrecht (3)
  • Michael Lohr (1)
  • Michael O'Conner (4)
  • MicroSolved (1)
  • Mike Duncan (3)
  • Mike Meikle (4)
  • Mike Spinney (1)
  • Military (211)
  • national security (453)
  • PCI (308)
  • PCI Security Standards Council (32)
  • Physical Security (11)
  • privacy (552)
  • Rachel James (10)
  • reach (11)
  • Rebecca Herold (16)
  • Richard Stiennon (44)
  • Robert Siciliano (34)
  • Sarbanes-Oxley (502)
  • ScamStop (2)
  • Sean Wilkins (2)
  • Semyon Dukach (1)
  • Simon Heron (14)
  • Software Associates (11)
  • Steven Fox (19)
  • SUPERAntiSpyware (3)
  • Sybase (6)
  • Symplified (5)
  • The Jester (8)
  • The Privacy Professor (16)
  • Thomas R. Fox (8)
  • Tom Groenfeldt (2)
  • Tom McLain (2)
  • Trefis (14)
  • Tripwire (18)
  • Uncategorized (621)
  • virtualization (101)
  • Webcast (49)

• ISR Headline Index

  • Hackers Lurking in Hotel Networks
  • 7 Month Vulnerability in Windows Virtual PC
  • How to Secure a Cisco Router
  • On HTML Insecurities…
  • When Social Networking Clashes with Security
  • Spam Block: Public Servants or Vigilantes?
  • Sticky Situations in Social Media
  • Quick Tips for Using Secure Shell
  • Consolidate Compliance With Open Source
  • DoS Attack Reveals Widespread Vulnerabilities
  • Study Shows Employees Put Data at Risk
  • Tracking Google’s Script Kiddie Hackers
  • Newbie Introduction to Digital Forensics Part 2
  • Simple Log Review Checklist Released
  • Press F1 for Help? Microsoft Zero Day Threat!

• Recent Comments

  • Ryan Aslett on Data Loss Prevention Has Jumped the Shark
  • Tom on (Lack Of) Encryption and The HITECH Act
  • ADMIN on Patriot Hacker Hits Jihad With DDoS Attacks
  • Robert Siciliano on Data Loss Prevention Has Jumped the Shark
  • Karen J. Cox on Data Loss Prevention Has Jumped the Shark
  • Scot McLeod on Outsourcing Breach Response Lowers Costs
  • John Marke on Gartner Tells CIOs to Embrace Social Media
  • Social Engineering and Enterprise Security | CIO – Blogs and … | Enterprise Engineering Addict on Gartner Tells CIOs to Embrace Social Media
  • From Russia, With Smartphones on Top 8 Social Media Security Threats
  • Judith Hoffman on Scam Alert: Rogue Gmail Account Phishing
• 
  

  Information Security Resources

  Top network security blogs