Hackers gained unauthorized access to the information technology system of Anthem, Inc., and exposed the PHI of more than 80 million people who are currently or were previously covered by the insurance provider. The attack also exposed the PHI of Anthem's employees, including President and Chief Executive Officer Joseph R. Swedish.
There's considerable confusion about what HIPAA means and what your obligations are under the regulations. I recently presented at a Midwest physician association conference. As is almost always the case, in the front row was an attendee just waiting for the Q&A session.
Q: Is there a sample risk analysis about how an enterprise or clinic might evaluate and determine if data-at-rest protection through encryption is reasonable and appropriate as defined in the HIPAA Security Rule?
The healthcare industry is continuously evolving, and health information technology (HIT) is changing with it. Organizations should take advantage of the technology available to improve healthcare operations but must be aware of the risks that HIT can present.
