Two hacking incidents involving vendors providing important IT-related and other services to dozens of covered entity clients are among the latest breaches affecting hundreds of thousands of individuals' data and show how mounting reliance on third parties creates increased risk to patient data.
Another proposed federal class action lawsuit alleges Facebook uses its Pixel tracking tool to collect millions of individuals' sensitive health data from healthcare provider websites without patients' knowledge or consent. HIPAA prohibits the use of PHI for marketing purposes without consent.
New draft guidance from the National Institute of Standards and Technology - if properly applied by HIPAA regulated entities - could help organizations avoid fines and similar enforcement actions by regulators in the wake of breaches, some experts say.
A slew of HIPAA enforcement actions is a sign that regulators are impatient with the short shrift that many medical providers give to providing patients access to their health information. No fewer than 11 of the last dozen HIPAA fines focus on a right of access dispute.
Many healthcare sector entities are undertaking projects involving the collection, analysis and sharing of large volumes of health data. But along with those efforts come critical privacy and security concerns, says attorney Iliana Peters of Polsinelli.
The Biden administration continues to react to the Supreme Court's overturn of precedent guaranteeing a constitutional right to abortion, issuing Friday an executive order that includes provisions to help safeguard the privacy of patients' data.
Organizations that work with or within the healthcare industry need to prioritize and manage security and privacy-related risk and compliance programs. As the global standard for safeguarding information, HITRUST delivers a scalable, prescriptive, and certifiable framework that enables organizations to demonstrate...
Organizations that work with or within the healthcare industry need to prioritize and manage security and privacy-related risk and compliance programs. As the global standard for safeguarding information, HITRUST delivers a scalable, prescriptive, and certifiable framework that enables organizations to demonstrate...
Learn how you can implement a Zero Trust strategy in a healthcare environment through the support of Palo Alto Networks. This guide focuses on the unique needs of the healthcare industry, such as:
Protecting sensitive data, such as electronic medical records and patient data;
Protecting medical devices;
Maintaining...
Memo to IT administrators: Don't store data in cloud in an unsecure manner. Security researchers at Secureworks have found more than 1,200 cloud-based, unsecured Elasticsearch databases that attackers wiped, leaving only a ransom note demanding Bitcoin in return for their restoration.
A consolidated legal case that includes allegations of embezzlement, trade secret theft and intimidation offers an inside look at a complicated and messy alleged insider breach reported last year by a Texas-based accountable care organization.
As attackers find increasingly sophisticated ways to steal confidential information, healthcare organizations must be vigilant in deploying the correct preventative security measures to protect that data. Encryption is one such measure, which ensures that, even
if a cybercriminal manages to gain access to email...
The impact of Hurricane Ida, including huge power outages, points to the importance of healthcare organizations and others having comprehensive business continuity and disaster recovery plans in place for natural disasters as well as cyber incidents.
Indianapolis, Indiana-based Eskenazi Health has acknowledged that hackers stole some data and posted it on the darkweb after a ransomware attack. But the organization says it's not yet determined if individuals need to be notified because its investigation is still underway.
Your data is leaking and it's at risk.
Data is a crucial and pervasive asset of any healthcare organization, but to safeguard your most
valuable information—as well as that of your patients—there needs to be a shift in the data security
strategy to protect what really matters: the data itself.
Your data is...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.
