U.S. Health Department unveils new HIPAA rules

The U.S. Department of Health and Human Services (HHS) has announced updated rules that will extend security and privacy requirements to so-called business associates, those contractors and subcontractors, such as billing companies, that perform services on behalf of a health care provider. Source: SC Magazine

Health data breach at Lucile Packard Children’s Hospital

Lucile Packard Children’s Hospital and the Stanford University School of Medicine experienced a health data breach on Jan. 9 when a password-protected laptop computer with pediatric patient medical information was stolen off-campus from a physician’s car. Source: HealthIT Security

What Antivirus Shortcomings Mean For SMBs

Accepting the risks that come with relying solely on AV not only puts data at risk, but also could kill future earning potential. Source: Dark Reading

MA billing company reaches $140K health data breach settlement

More than two years after Joseph and Louise Gagnon of Goldthwait Associates allegedly mishandled medical records with protected health information (PHI) from four Massachusetts pathology groups at the Georgetown Transfer Station, they will have to shell out $140,000 as part of the settlement with Attorney General Martha Coakley. Source: HealthIT Security

Feds step up HIPAA enforcement with hospice settlement

The Hospice of North Idaho will pay $50,000 to the U.S. Department of Health and Human Services following a breach that affected 441 patients -- an indication that the agency is not letting even small incidents slide. Source: SC Magazine

Global Payments breach cost the company $93.9 million – so far

Global Payments, which has never been particularly forthcoming over the loss of 1.5 million card details (it could have been more) in 2012 (it could have been earlier) has now disclosed associated costs of $93.9 million – but it will be more. Source: Infosecurity Magazine

Device containing Sentara Healthcare patient info stolen

About 56,000 Sentara Healthcare patients could be affected by the theft of a device containing some of their personal information.Source: Daily Press

With BYOD, data breaches just waiting to happen

Smartphone insecurity means healthcare patient information, for one, remains at high risk, studies find. Source: CSO Online

University of Michigan Health Data Breach Affects 4k Patients

Personal health information on approximately 4,000 patients treated by the University of Michigan Health System has been breached, and the health system will soon be notifying affected patients. Source: Becker's Hospital Review