January 17, 2018
Ships Could Soon Be Routinely Intercepted – Worldwide
This week, foreign ministers from the US and about 20 other countries will discuss the possibility of intercepting vessels headed to North Korea, as part of expanding efforts to pressure Pyongyang into abandoning its nuclear weapons and ballistic missile programs. The meeting will take place in Vancouver on Jan. 16, with Canada and the US serving as co-hosts. Attendees will primarily be the nations that sent troops to the Korean war of 1950-53, among them South Korea, Japan, Australia, India, Britain, and France. Neither China nor Russia will attend, though they will be given a readout of the discussion.
HHS' Patient Record Access Regulations 'Unlawful' – United States
A federal lawsuit alleges that Department of Health and Human Services regulations "unlawfully ... and capriciously" restrict the fees healthcare providers and their medical record vendors can charge for gathering and disseminating a variety of health information upon patients' requests. The case also spotlights some of the hurdles and confusion that healthcare entities often face in providing patients with secure access to their health information. The lawsuit was filed on Jan. 8 in the Washington, D.C. circuit court by medical record retrieval firm CIOX Health against Eric Hargan in his official capacity as acting HHS secretary. In court documents, CIOX alleges that changes implemented by HIPAA Omnibus regulations in 2013 and modified in 2016 "threaten to bankrupt the dedicated medical-records providers who service the healthcare industry by effectively and quite deliberately - mandating that they fulfill a rapidly growing percentage of requests for protected health information at a net loss."
Nearly 280,000 Medicaid Patient Records Breached in Hack – Oklahoma, United States
An unauthorized user hacked into the Oklahoma State University Center for Health Sciences network in November, accessing folders that contained the Medicaid billing information of 279,865 patients. According to the breach notice, officials discovered the intrusion on Nov. 7. The affected Medicaid folders were removed from the network and third-party access was terminated the next day. OSUCHS launched an investigation and hired an outside security firm to determine whether the folders were compromised. Officials couldn't rule out third-party access. The folders contained patient names, Medicaid numbers, provider names, dates of service and treatment information. Only one Social Security number was on the server. Officials said these folders didn't contain medical records. However, it's important to note cybercriminals can use this type of information for medical fraud. "For patients affected by this incident, please be alert to any healthcare services you did not receive from any of your providers," officials said in a statement. "If you learn of any services you did not receive, please contact your provider and Medicaid immediately."
FOR MORE INFORMATION:
To sign up for the complete daily G4S Corporate Risk Services Intelligence Bulletin, as well as regular intelligence and risk updates and news, click here to subscribe!