[ECP] NetHappenings 3/18/19

YOUR HEALTH INFORMATION PRIVACY RIGHTS

HIPPA  

Office for Civil Rights Headquarters
U.S. Department of Health & Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll Free Call Center: 1-800-368-1019
TTD Number: 1-800-537-7697

HHS Releases Voluntary Cybersecurity Practices for Health Industry

GDPR, California’s Consumer Privacy Act, and next-generation ransomware and denial of service attacks, a firm’s ability to provide security is also becoming a matter of survival. Put it all together, and many CISOs today exist in environments where they are not understood by business executives and thus are not being included in business initiatives until it is too late and security vulnerabilities expose the enterprise to cyberattacks and compliance violations.

WHO OWNS YOUR MEDICAL RECORDS?

In 2016, more than 100 million Americans have had their electronic medical records hacked from health systems. For example, this June, Banner Health in Phoenix had a breach of 3.7 million electronic medical records.
Many hospitals throughout the country have been held hostage for their health information system by hackers and have had to pay ransom to regain control of their patients’ medical data.

2016 more than 100 million Americans have had their electronic medical records hacked. Each one can be sold for $50.
The Health Insurance Portability and Accountability Act was written 20 years ago, when medical records were kept on paper, and is not applicable to the contemporary digital era.

Moreover, the pervasive selling of our medical data is unchecked, with no legal protection. The massive hacking of health system data has not resulted in any new legislation to date or enforcement via established laws.

Informed Patient Institute
We rate the websites that help you find the right doctor, hospital, and nursing homes and we provide tips about quality concerns. also see

https://www.philly.com/philly/health/what-is-philly-health-costs-and-how-can-it-help-me-20180220.html

ProPublica analyzed nearly 17,000 surgeons and found wide variations in complication rates for some of the most routine elective procedures. Explore our database to know more about a surgeon before your operation.
https://www.propublica.org/article/surgeon-level-risk-quotes

2016 Consumer Reports Medical Board Ratings

Medicare Provider Utilization and Payment Data: Physician and Other Supplier

Digital business has become a key driver to business strategy across industries.
CIOs have digital transformation at the center of their corporate
strategy.  #Cybersecurity, amazingly, is often not a top-tier priority in enterprise risk management. The #CISO, is only noticed when things go wrong. This is why CISOs are almost always fired or “resign” after major data breaches. The CISO is usually the most qualified person to manage post breach forensics, cleanup, and compliance audits.
https://venturebeat.com/2019/03/16/cisos-you-need-to-manage-by-walking-around/

Think a strong information security posture means you’re complying with HIPAA? Without proper documentation for government regulators, infosec protocols might safeguard data without meeting federal criteria.

Staff lapses and IT system vulnerabilities are key reasons behind SingHealth cyberattack, according to COI Report

ClassAction.org is a group of online professionals who are committed to exposing corporate wrongdoing and giving consumers the tools they need to fight back. We’ve been reporting on the legal space for nearly a decade and have built relationships with class action and mass tort attorneys across the country.

Prescription Hope
Prescription Hope offers over 1,500 brand-name medications all for the
set price of $50 per month for each medication. This covers 100% of the medication cost, no matter the retail price.

Market Share Matters: Evidence Of Insurer And Provider Bargaining Over Prices
Health-care providers and insurers have to agree on how much doctors will be reimbursed before doctors begin treating insurers’ clients. Those fees, which depend on the two parties’ relative clout. Abstract

A survey of the numbers, published this week in Health Affairs, shows that small-time doctor’s offices and insurance companies are getting squeezed by their larger competitors.
https://www.washingtonpost.com/news/wonk/wp/2017/01/09/its-hard-to-be-a-small-time-family-doctor-these-days-new-data-show/

Finally, U.S. hospitals will have to post their prices online.

Hospitals must post ‘chargemaster’ prices online.
Patient Estimate team call  484.337.1970
FAQ Requirements for Hospitals To Make Public a List of Their Standard Charges via the Internet
https://www.cms.gov/Medicare/Medicare-Fee-for-Service-Payment/AcuteInpatientPPS/Downloads/FAQs-Req-Hospital-Public-List-Standard-Charges.pdf
The chargemaster is not a useful tool for consumers who are comparison shopping between hospitals or health systems.
The chargemaster amounts are billed to an insurance company, Medicare, or Medicaid, and those insurers then apply their contracted rates to the services that are billed. In situations where a patient does not have insurance, our hospital has financial assistance policies that apply discounts to the amounts charged.
https://www.mainlinehealth.org/patient-services/patient-billing/standard-charges

A huge trove of medical records and prescriptions found exposed Thousands of health records and doctor’s notes were exposed daily
By Zack Whittaker TechCrunch.com March 17, 2019 A health tech company was leaking thousands of doctor’s notes, medical records, and prescriptions daily after a security lapse left a server without a password. The little-known software company, California-based Meditab, bills itself as one of the leading electronic medical records software makers for hospitals, doctor’s offices, and pharmacies. The company, among other things, processes electronic faxes for healthcare providers, still a primary method for sharing patient files to other providers and pharmacies. But that fax server wasn’t properly secured, according to the security company that discovered the data. SpiderSilk, a Dubai-based cybersecurity firm, told TechCrunch of the exposed server. The exposed fax server was running a Elasticsearch database with over six million records since its creation in March 2018. The faxes also included personal data and health information on children. None of the data was encrypted. […] Board of Directors responsible

MOUNTAIN VIEW, CA

800 West El Camino Real, Suite 350
Mountain View, California 94040
General +1 650 458 2620
Sales +1 650 458 2625
info@elastic.co
sales@elastic.co

The server was hosted on an subdomain of MedPharm Services, a Puerto Rico-based affiliate of Meditab, both founded by Kalpesh Patel.

NY Governor Cuomo Calls For Investigation on Facebook Health Data Collection

American Travelers Seek Cheaper Prescription Drugs In Mexico And Beyond
In Utah last year, the Public Employee Health Plan took this idea to a new level with its voluntary Pharmacy Tourism Program. For certain PEHP members who use any of 13 costly prescription medications — including the popular arthritis drug Humira — the insurer will foot the bill to fly the patient and a companion to San Diego, then drive them to a hospital in Tijuana, Mexico, to pick up a 90-day supply of medicine.

TechCrunch: Screen time inhibits toddler development, study finds. “In news that will surprise few but still alarm many, a study has found that kids 2-5 years old who engage in more screen time received worse scores in developmental screening tests. The apparent explanation is simple: when a kid is in front of a screen, they’re not talking, walking or playing, the activities during which basic skills are cultivated

Researchers Create Algorithm to Protect Kids from Disturbing YouTube Videos

Computer program that could bypass patents to produce synthetic drugs Software that can bypass current intellectual property and design medication with the same function as top drugs could help pharma companies…

“Massachusetts Attorney General Maura Healey alleges eight Sackler family members and nine Purdue board members or executives played key roles in the nation’s deadly opioid epidemic.