with support from the Puffin Foundation.
In New York City’s Chinatown, a city-run vaccination site with no signage or intake questions in Chinese. In California, non-English speakers handed COVID-19 vaccination cards without information on what they mean. In Pennsylvania, people who speak Mandarin, Korean, and Japanese unable to make vaccine appointments due to a lack of interpreters at hospital call centers.
These are just a few of the examples captured in a new complaint filed on Friday to the U.S. Department of Health and Human Services’ Office for Civil Rights, Federal Emergency Management Agency’s Office of Equal Rights, and Department of Homeland Security’s Office for Civil Rights and Civil Liberties. The complaint, brought by the National Health Law Program, finds widespread problems across the country that inhibit access to COVID-19 resources for people with limited English proficiency (LEP).
GovInfoSecurity
Compliance
Compliance
HealthInfoSec) • April 20, 2021 Get Permission
Given the surge in the use of telehealth during the COVID-19 pandemic - and expectations for continued growth - the Healthcare and Public Health Sector Coordinating Council has unveiled guidance on safeguarding patient data during remote care encounters.
The recommendations include implementing encryption, enhancing monitoring capabilities and using privileged account management tools.
FAIR Health, a nonprofit organization that tracks health insurance claims data, found that telehealth claims to private insurers grew 4,347% from 2019 to 2020 as a result of remote care during the pandemic, HSCC notes.
And the research firm Frost & Sullivan projects a sevenfold growth of telehealth by 2025.
Get the latest industry news first when you subscribe to our daily newsletter.
We will never sell or share your information without your consent. See our privacy policy.
(Photo: Getty Images)
A Colorado-based eye care practice reported this past week that a phishing incident had led to the potential exposure of more than 26,000 patients information.
According to a notice posted to its website, Colorado Retina Associates first discovered that an unauthorized individual had gained access to an employee s work email on January 12.
After a forensic investigation, CRA determined that two user accounts that had patient information may have been synced, or copied, by the bad actors. Although CRA could not fully determine whether, and to what extent, the unauthorized individual(s) viewed any personal information, regrettably it is possible, because of the syncing, that some patients’ personal information may have been acquired and could therefore be viewed by the unauthorized individual(s), wrote system representatives.
Get Permission
A coalition of 41 state attorneys general has reached a settlement with American Medical Collection Agency in the wake of a 2018 data breach that compromised the personal and health data of 21 million individuals and pushed the company to file for bankruptcy.
Under the settlement, Elmsford, New York-based AMCA has agreed to implement data security practices, including developing and implementing an incident response plan, employing a CISO, and hiring a third-party assessor to perform an information security assessment.
As part of the agreement, AMCA may also be liable for a $21 million payment to the states if the company violates the injunctive terms of the agreement. Because of AMCA’s financial condition, however, the payment will be suspended if no violation occurs, the NY attorney general s statement notes.