Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Nobody Cares About HIPAA
Newest First  |  Oldest First  |  Threaded View
EMONTEIRO027
EMONTEIRO027,
User Rank: Apprentice
3/22/2012 | 2:05:17 AM
re: Nobody Cares About HIPAA
Of course people care about HIPAA. But then again you have to remember... just when they think they're compliant.. some new law or some modification is added to the existing one and then they have to go back and revamp whatever they have to meet the new rules.
Every health care provider's office I've ever walked in definitely cares though and they are not trying to get penalized.
LindaJoyAdams
LindaJoyAdams,
User Rank: Apprentice
3/18/2012 | 5:19:43 AM
re: Nobody Cares About HIPAA
Laws already existed against a breach of privacy by medical providers. And the govt contractors and govt agencies are not included in the HIPPAA protections. So the biggest breach of privacy by a doctor is when the claim is submitted to a govt financed but govt contractor run health plan. The acting Director of medicare , Dr. Berwick, wanted to get them under HIPPAA but was unable to do so. Govt contractors are given immunity from criminal wrong doings and they can;t be internally audited; yet not one in Congress will put back the laws that used to exist: commit a crime or violate laws- investigations and prosecutions can be done. And Internal audits as to how or what our public monies are being used for will be done. Why hire contract auditors if they can only see what the govt contractor wants them to see. All this law did was raise health care costs by increasing as real care of the patient dollars got spent on computer systems; which are now obsolete as we prepare for the ' cloud.' worse of all the new systems are really causing some problems. It is cross checking my drivers license number with when we first moved to this state and using that address instead of my current one.( We actually didn't move but 911 changed the address a few years ago; I even checked but we are paying property taxes on the same legal description) I had a doctor bill in collections before I'd received any notice from the health plan or a bill of what the co- pays were. Now how do I get this corrected when the State of OK driver's license bureau which is interlocked with Home land security isn't under HIPPAA and sharing incorrect info. My submission to correct this didn't take! Only thing I know what to do is go in and start all over with my driver's license renewal. My doctors provide more conscientious privacy than all these messed up govt agencies and their contractors and they are able to do this better without all these computer systems when so many are getting access to my personal info after the claim is filed. Why does Homeland security want or need to know my blood pressure and temperature and other medical info? Also once info is wrong inside the govt contractors; it can't get changed and that includes diagnostic coding which is being done inside the govt contractors to by pass their security protocols and get medicare to pay when others are the primaries, like my federal workers compensation. This can and has been deadly if the data base is used for a medical history. Congress had this study several years ago and nothing has been done to correct some basic problems in the current system. When this is done; its called theft by law which the contractors have been given congressional immunity from stealing the Medicare and even medicaid and other govt health plan monies from.Linda Joy Adams
ANON1241631011972
ANON1241631011972,
User Rank: Apprentice
3/16/2012 | 10:03:47 PM
re: Nobody Cares About HIPAA
I don't think this is an accurate assessment. With the high fines for breaches, we care about HIPAA. However, like Dodd-Frank, we are spending a huge chunk of our budget on compliance activities which provide no healthcare value and add to the cost of healthcare. Most of the so-called "breaches" have no consequence to the consumer because they involve media that was stolen for the value of the media and not for the exploitation of its PHI content. Notwithstanding the lack of actual damages, the insatiable enforcement agencies make the data loss worth millions of dollars to them. This hypocritical behavior on the part of the government (i.e.; pretending to want to reduce costs while, at the same time, driving costs up with every new regulation) is why people are jaded on this subject. Most of the regulations have no practical utility value in terms of "civil rights" protection. This is what makes people cynical about HIPAA.
rmanske53101
rmanske53101,
User Rank: Apprentice
3/16/2012 | 5:35:58 PM
re: Nobody Cares About HIPAA
I don't know who Ben Drake is, but as a source, he's an idiot and has no clue about HIPAA complinace at other companies. I've worked for major healthcare providers and payers alike, and everyone I know takes HIPAA compliance very seriously, in the from of time, resources and capital. Maybe a small doctors office doesn't care much for compliancy, but I can assure you, most in the healthcare industry have gone to great lenghts to be compliate with the regualtions.

To say it mildly, this artical is worthless and Ben Drake doesn't speak for the healthcare industy.


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Machine Learning, AI & Deep Learning Improve Cybersecurity
Machine intelligence is influencing all aspects of cybersecurity. Organizations are implementing AI-based security to analyze event data using ML models that identify attack patterns and increase automation. Before security teams can take advantage of AI and ML tools, they need to know what is possible. This report covers: -How to assess the vendor's AI/ML claims -Defining success criteria for AI/ML implementations -Challenges when implementing AI
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-39236
PUBLISHED: 2022-09-28
Matrix Javascript SDK is the Matrix Client-Server SDK for JavaScript. Starting with version 17.1.0-rc.1, improperly formed beacon events can disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk...
CVE-2022-38934
PUBLISHED: 2022-09-28
readelf in ToaruOS 2.0.1 has some arbitrary address read vulnerabilities when parsing a crafted ELF file.
CVE-2021-41434
PUBLISHED: 2022-09-28
A stored Cross-Site Scripting (XSS) vulnerability exists in version 1.0 of the Expense Management System application that allows for arbitrary execution of JavaScript commands through index.php.
CVE-2022-3354
PUBLISHED: 2022-09-28
A vulnerability has been found in Open5GS up to 2.4.10 and classified as problematic. This vulnerability affects unknown code in the library lib/core/ogs-tlv-msg.c of the component UDP Packet Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may b...
CVE-2022-36771
PUBLISHED: 2022-09-28
IBM QRadar User Behavior Analytics could allow an authenticated user to obtain sensitive information from that they should not have access to. IBM X-Force ID: 232791.