PogoWasRight, to random

HHS’ Office for Civil Rights Settles Malicious Insider Cybersecurity Investigation for $4.75 Million:

https://www.hhs.gov/about/news/2024/02/06/hhs-office-civil-rights-settles-malicious-insider-cybersecurity-investigation.html

Another #HIPAA #SecurityRule #enforcement action but this was from an #insider wrongdoing #databreach that police notified the center about in 2015. The theft occurred in 2013. Why is #HHSOCR first settling this NOW?

#IDtheft #fraud

PogoWasRight, to Cybersecurity

An inexcusable gap from breach to notification, or an excusable one?

https://www.databreaches.net/an-inexcusable-gap-from-breach-to-notification-or-an-excusable-one/

Repeat after me: "Date of discovery" does NOT mean the date you completed any investigation. It is the date on which you first knew or reasonably should have known that you had a breach of unsecured PHI.

It is not a huge breach as breaches go, but Sightpath Medical's breach notification raises a lot of questions about compliance with HIPAA's Breach Notification Rule. I hope investigates this one.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • JUstTest
  • rosin
  • thenastyranch
  • ethstaker
  • DreamBathrooms
  • osvaldo12
  • magazineikmin
  • tacticalgear
  • Youngstown
  • everett
  • mdbf
  • slotface
  • ngwrru68w68
  • kavyap
  • provamag3
  • Durango
  • InstantRegret
  • GTA5RPClips
  • tester
  • cubers
  • cisconetworking
  • normalnudes
  • khanakhh
  • modclub
  • anitta
  • Leos
  • megavids
  • lostlight
  • All magazines
    •