Twelve state attorneys general filed a federal lawsuit last month against Medical Informatics Engineering Inc., in Fort Wayne, Indiana, for failing to secure its computer systems, which resulted in a HIPAA data breach that compromised the data of more than 3.9 million people.
Q: In a previous question, you said you can destroy paper records like charts as soon as they are scanned into the EMR if your state considers electronic storage media legally acceptable for medical records. My organization is currently rewriting our policy on shredding charts; is there any reference to this in HIPAA that we can use to back this up?
The healthcare sector is a frequent target of cyberattacks due to the value of PHI, which is the target of financial identity theft and medical identity theft. To safeguard PHI, you need to know the differences among phishing, ransomware, and DoS attacks.