The Wired article, "What Doctors Wish You Knew About HIPAA and Data Security," delves into the limitations and misunderstandings surrounding the Health Insurance Portability and Accountability Act (HIPAA) in safeguarding personal health data. It highlights that HIPAA primarily regulates healthcare entities but does not cover consumer-generated data or information shared outside traditional medical settings, such as through personal devices or social media. The piece underscores the importance of individual vigilance in data protection, emphasizing the use of multi-factor authentication and careful sharing of personal health information, especially in non-regulated platforms. This article serves as a crucial reminder of the evolving challenges in health data security and the shared responsibility between healthcare providers and individuals in protecting sensitive health information.

The Office for Civil Rights has identified that hackers have heavily targeted the healthcare industry in 2020 and 2021, hoping to get unauthorized access to sensitive electronic protected health information (ePHI). Between 2019 and 2020, the amount of unprotected ePHI breaches reported to the US Department of Health and Human Services' Office for Civil Rights (OCR) that affected 500 or more people due to hacking or IT problems climbed by 45 %! In addition, hacking or IT events accounted for 66% of all breaches impacting 500 or more people reported to OCR in 2020.

Read the whole article within...