Data Breach Analysis 2009-2012 – HITECH Experience Reviewed by HITRUST

In the first three years that the HITECH data breach notification rules have been in effect (September 2009 – September 2012), almost 500 breaches affecting more than 500 individuals have been reported.  As of this spring, over 57,000 data breaches affecting fewer than 500 individuals have been reported. HITRUST Analysis of U.S. Healthcare Breach Data […]

Upcoming Speaking Engagements – Fall 2012

This conference season has already been a busy one: I organized HealthCamp Boston 2012, which was an exciting one-day unconference that took place right before Medicine 2.0, where I spoke.  I hope that local HealthCamp attendees can keep in touch, and maybe this time around we won't wait three years for the next HealthCamp Boston. […]

OCR Releases HIPAA Privacy and Security Audit Protocol

Having completed an initial 20 HIPAA privacy and security compliance audits since last fall, and with 95 additional audits in the pipeline, OCR has just released its HIPAA privacy and security audit protocol, together with information about the audit pilot program.  As always, information like this is extremely valuable to the regulated community.  Covered entities […]

HealthCare SocialMedia Review #2: The Privacy and Security Edition

Welcome to the latest edition of the HealthCare SocialMedia Review, the blog carnival that's all about health care social media. Today we take a look at some of the privacy and security issues relevant to the medium, and at some other current and topical posts from around the blogosphere. But first, pour yourself another cup […]

Call for Submissions: HealthBlawg Hosts HealthCare SocialMedia Review #2 Next Week

Ladies and gentlemen, boys and girls, the floodgates are open: Please submit your posts for the upcoming sophomore outing of HealthCare Social Media Review — the blog carnival for health care social media, featuring the most recent fortnight's crème de la crème of blog posts on the topic. (Follow the link for submission instructions via web form […]

Context-Relative Informational Norms – Buzzword or Paradigm Shift?

A piece in The Atlantic highlighting Helen Nissenbaum’s approach to privacy has been whipping around the twittersphere over the past couple of days.  The breathless tone of the piece is a little off-putting, but the content, at first glance, is intriguing: Nissenbaum argues that the real problem "is the inappropriateness of the flow of information […]