• 1-(800) 510-9053
  • 1-(415) 259-6503

Administrative Safeguards Need to be Comprehensive and Regularly Updated


Healthcare organizations must guarantee that they have comprehensive and regularly updated administrative safeguards, such as user authentication procedures and proper access control with all healthcare facility. A failure to have these in place, or having outdated ones, could potentially lead to a data breach. This was proven in a recent Pennsylvania federal grand jury case, where a man was indicted on charges stemming from a healthcare hacking incident in 2013. A Texas man was indicted on Intentional Damage to a Protected Computer and Wire Fraud, and potentially faces a maximum total sentence of 30 years in prison, a fine of $500,000 or both, according to a Western District of Pennsylvania US Attorney’s Office statement.

“[Brandon A. Coughlin] intentionally hacked and damaged 13 servers operated by a local healthcare facility and engaged in a scheme to defraud that healthcare facility by using its purchase card to order merchandise from Staples,” the press release read. The facility hired Coughlin in January 2013 to work as an in-house computer systems administrator, although Coughlin resigned one month later at the management’s request.1

“Using the administrative passwords, he knew from his employment, on September 18, 2013, Coughlin hacked the computer network of the healthcare facility, disabled all administrative accounts needed to control any and all of the computer servers of the healthcare facility, and deleted users’ network shares, business data, and patient health information data, including patient medical records, causing a loss of more than $5,000.00,” the Attorney’s Office explained.1

Telegenisys has instituted physical, technical and administrative safeguards to ensure that its client’s data is safe from all unauthorized access. This includes all forms of medical records and electronic private health information. know more…

1 http://healthitsecurity.com/news/administrative-safeguard-need-highlighted-in-tx-indictment

Related Posts

  • 52
    Charles Aunger of Health2047 reports on the all too common practice of patients having to hand deliver printed copies of their health records to each practitioner. But even this hand delivery only gets around one part of the EHR non-interoperability problem. Overstretched office staff will have to take time away…
    Tags: data, patient, records, health, office, healthcare
  • 48
    Data Integrity in Healthcare Best Practices to Prevent Common EHR Errors Our free guide shows how to prevent corruption of Electronic Health Records (EHR) caused by human and automated errors. If you use EHR to manage care, and you should, then you owe it to your patients to ensure that…
    Tags: data, records, facility, health, medical, healthcare, control, patient
  • 40
    For the first time, the Office of Civil Rights (“OCR”) penalized a covered entity for failure to implement audit procedures to review, modify, and/or terminate users’ right of access. More than 100,000 individuals had their electronic Protected Heath Information (“ePHI”) records impermissibly disclosed. The settlement agreement with Memorial Healthcare System…
    Tags: $, access, office, healthcare, records, health, network, data, medical, safeguards

no Comment

  • c-icon

  • iso-9001-logo-small

  • iso-27001-logo-small

  • c-icon4

Telegenisys Inc. © Copyright 1999-2017 All Rights Reserved             Privacy Policy  |  Site Map