UCLA Health System intensifies medical record security following a $865, 000 settlement for high-profile violations of patient privacy

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.dailybruin.com/index.php/article/2011/07/ucla_health_systems

By SHOSHEE JAU
The Daily Bruin
July 11, 2011

On the heels of a hefty court settlement over a confidential records 
breach, the UCLA Health System is administering further safeguards to 
prevent unauthorized viewing of patients? medical records.

Last week, the health system agreed to an $865,000 settlement with federal 
health regulators over a series of incidents that allegedly took place 
between 2005 and 2009. During that time period, multiple hospital 
employees were reported and fired for violating the Health Insurance 
Portability and Accountability Act of 1996 (HIPAA) Privacy and Security 
Rules.

These staff members allegedly viewed the medical records of celebrities 
including Britney Spears, Farrah Fawcett and former California first lady 
Maria Shriver, said Roxanne Moster, UCLA Health System spokeswoman.

Hoping to stave off future incidents, the UCLA Health System has 
collaborated with the U.S. Department of Health and Human Services for the 
past three years, holding in-depth training and putting in place further 
levels of security for private records, Moster said.

[...]

_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Learn encryption strategies that manage risk and shore up compliance.
Download Article 1 of CREDANT Technologies' The Essentials Series:
Endpoint Data Encryption That Actually Works
http://credant.com/campaigns/realtime2/gap-LP1/