According to HHS data, more than a third of all data breaches reported through 2017 involved a laptop, desktop, or mobile device.1 Compare Cases One and Two, and consider how better security practices protected the covered entity in Case Two.
Learn More »
Employees access PHI for various illegitimate reasons. Including error and misuse, 71% of all cyber incidents in healthcare have an insider source1— the only industry that has more internal sources than external. Although the following case study involves only one patient, the covered entity was required to complete a data breach analysis and notify the patient and HHS.
Learn More »A data breach doesn’t need to be criminal or intentional to be reportable. When a storage device is small, it is sometimes difficult to determine whether the device was lost, misplaced or stolen. However, even if a flash drive is presumably lost, a breach analysis must still be conducted and potentially affected patients must be notified if there is a probability of data compromise.
Learn More »According to the defense expert in the following case, patients who can’t or won’t engage in alternative treatments for their pain should not be prescribed pain medications as a matter of course. Consider how the overdose in the following case could have been prevented if the internist had followed the CDC opioid prescribing guidelines.
Learn More »
Concurrent use of opioid pain medications, benzodiazepines, antihistamines, antipsychotics, antianxiety agents, or other CNS depressants increases a patient’s risk for overdose.1
Learn More »