Cookies help us display personalized product recommendations and ensure you have great shopping experience.

By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    chatgpt image jul 13, 2026, 04 23 45 pm
    How Data Analytics Helps Companies Improve User Engagement
    19 Min Read
    chatgpt image jul 13, 2026, 03 59 46 pm
    How Data Analytics Improves Multi-Location Search Strategies
    10 Min Read
    cybersecurity efforts
    How Behavioral Analytics and AI Are Redefining Cybersecurity for Boca Raton Businesses
    14 Min Read
    data driven risk management in heatlhcare
    How Data Analytics Is Changing Healthcare Risk Management
    17 Min Read
    big data and customer service outsourcing
    How Data Analytics Improves Customer Service Outsourcing
    18 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-25 SmartData Collective. All Rights Reserved.
Reading: HIPAA Breach Lessons Learned
Share
Notification
Font ResizerAa
SmartData CollectiveSmartData Collective
Font ResizerAa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > Data Management > Best Practices > HIPAA Breach Lessons Learned
Best PracticesBig DataData ManagementInside CompaniesITLocationPolicy and GovernancePrivacySecurity

HIPAA Breach Lessons Learned

onlinetech
onlinetech
5 Min Read
HIPPA compliance
Shutterstock Licensed Photo
SHARE

While no records were broken when it comes to number of health records disclosed per data breach, the top HIPAA breaches of last year still come with some hard lessons learned about technical and physical security. Learn from their mistakes and protect your healthcare organization from suffering the same fate:

While no records were broken when it comes to number of health records disclosed per data breach, the top HIPAA breaches of last year still come with some hard lessons learned about technical and physical security. Learn from their mistakes and protect your healthcare organization from suffering the same fate:

Who: Crescent Healthcare, a Walgreens company that manages and delivers pharmacy and nursing solutions in alternate site settings.
What: Last December, someone broke into Crescent’s billing center and stole a desktop computer, according to HealthCareITNews.com and the HHS reported breaches data. The desktop computer may have contained names, addresses, phone numbers, Social Security numbers, health insurance data, birthdates and clinical diagnoses. Over 100,000 individuals were affected.
Remediation: The company is retaining employees and service providers on security, and enhancing security policies and procedures.
Lessons Learned: Don’t store ePHI (electronic protected health information) locally on devices. Storing health data in a secure, offsite HIPAA compliant data center with limited, protected access could have prevented this data breach. Check that your HIPAA hosting provider can supply a HIPAA report on compliance to ensure data is safe.

Two-Factor Authentication

More Read

SAP Big Data Chat: The Data Scientist [VIDEO]
What data mining software to buy?
Technologists: Leverage Your Talent/Ideas/Experience To Contribute To The Digital Transportation Exchange
Hardcoding + procedural code = bad news
Data Error Inequality

Who: Howard University Hospital
What: In early 2012, a former contractor that downloaded patient data (in violation of hospital policy) onto their personal laptop reported the theft of the unencrypted device from their vehicle. Names, addresses, IDs, medical record numbers, birthdates, admission/discharge dates and diagnoses information for over 66,000 patients were all saved locally on the laptop.
Remediation: The hospital extended its policy of encrypting all laptops to include contractor data/laptops.
Lesson Learned: Employee data security policies should cover all employees that have access to ePHI, not just full-time staff. Encrypting data is key. And again, keeping sensitive data off of devices and using a security tool like two-factor authentication for VPN (Virtual Private Network) access cuts down on risk of unauthorized access.

Who: Apria Healthcare, Inc., provider of home medical equipment.
What: Last June, an Apria employee had their laptop stolen from their locked car – billing information for 65,700 patients was stored on the laptop’s hard drive.
Remediation: Apria is working on its internal patient privacy security program and encrypting company laptops.
Lesson Learned: Why do people leave laptops in their cars? Even if locked you’re running a big risk. Aside from that, employee security training may have raised awareness about the dangers of leaving electronics vulnerable, and again, keeping data off of portable devices.

Who: University of Miami Hospital
What: Two employees were accessing patient information from registration ‘face sheets’ and may have sold information to a third party. Face sheets contain name, address, birthdate, insurance policy numbers and the reason for the visit. According to HHS.gov, over 64,000 individuals were affected.
Remediation: The employees were identified and fired.
Lesson Learned: Background checks and employee HIPAA training may have prevented this incident, but often insider threats are the most difficult to detect. File integrity monitoring (FIM) is a service that can be configured and customized to monitor certain folders and files in order to protect ePHI from being altered or destroyed, and fulfills the HIPAA requirement to implement hardware or software to record and examine activity in systems that contain ePHI.

While using the technical services of a HIPAA hosting provider may have prevented or reduced the risk of a data breach in the above top HHS breach cases of 2012, as a covered entity, you need to ensure you can trust your business associates’ security practices. Read Five Questions to Ask Your HIPAA Hosting Provider for a checklist of questions and answers.

References:

Walgreens Company Announces Data Breach
Howard University Laptop Theft Affects 34,000+
Stolen Laptop at Apria Healthcare Exposes Patient Data
University of Miami Hospital Data Incident

TAGGED:cybersecuritydata breachhipaa
Share This Article
Facebook Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

chatgpt image jul 13, 2026, 04 23 45 pm
How Data Analytics Helps Companies Improve User Engagement
Analytics Big Data Exclusive
chatgpt image jul 13, 2026, 04 19 58 pm
Can AI Help Companies Improve PPC Fulfilment?
Artificial Intelligence Exclusive
chatgpt image jul 13, 2026, 04 14 54 pm
How AI Helps Companies Adapt to Fulfillment Strategy Changes
Artificial Intelligence Exclusive
chatgpt image jul 13, 2026, 03 59 46 pm
How Data Analytics Improves Multi-Location Search Strategies
Analytics Big Data Exclusive

Stay Connected

1.2KFollowersLike
33.7KFollowersFollow
222FollowersPin

You Might also Like

HIPAA Violations Cost Health Insurer $1.7 Million: Lessons Learned

4 Min Read
apple face recognition in the age of big data
Big DataExclusive

Wiping An iPhone With And Without An Apple ID In The Age of Big Data

6 Min Read
big data security
AnalyticsBest PracticesBig DataData ManagementData MiningData VisualizationExclusivePredictive AnalyticsPrivacyRisk ManagementSecurityWorkforce Data

The Big Data Security Transformation

6 Min Read

What’s Next – Predictive Scores for Healthcare?

4 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

giveaway chatbots
How To Get An Award Winning Giveaway Bot
Big Data Chatbots Exclusive
ai chatbot
The Art of Conversation: Enhancing Chatbots with Advanced AI Prompts
Chatbots

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-26 SmartData Collective. All Rights Reserved.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?