Federal regulators are considering potential changes to HIPAA privacy rule and enforcement regulations, but aim to first engage the healthcare sector and public for input, says the nation's top HIPAA enforcer. So, what changes are being considered?
Privacy attorney Kirk Nahra offers an analysis of the New York state attorney general proposing updates to the state's data security laws and issuing a substantial financial penalty in a HIPAA violations case.
HHS Office for Civil Rights Director Roger Severino told an audience at the HIMSS18 conference Tuesday that there will be "no slowdown" in the agency's HIPAA enforcement efforts. But he told ISMG following the presentation that there will be no phase 3 for HIPAA compliance audits.
With the advent of technology in personal healthcare - internet connected glucose monitors, intravenous blood pressure monitoring, personal best friend emotional bots - a lot of highly sensitive data that's rampantly traversing the airwaves. The impact of this data getting in the wrong hands is just starting to be...
With advances in big data, artificial intelligence, machine learning and more, healthcare is primed to innovate. But do HIPAA, GDPR and other regulatory standards inhibit the ability to innovate? Scott Whyte of ClearDATA discusses healthcare's complex convergence of innovation and compliance.
Leading the latest edition of the ISMG Security Report: England's Court of Appeal rejects U.S. extradition request for suspected hacker Laurie Love. Also, what took Uber and Partners Health so long to come clean about their respective data breaches?
Federal regulators have released a draft of a trusted health information exchange framework with some detailed security components that go beyond HIPAA requirements. The goal is to advance secure national health data exchange so that clinicians have quicker access to potentially life-saving information.
So what actions can we expect in 2018 from the Department of Health and Human Services' Office for Civil Rights as it enforces the HIPAA privacy, security and breach notification rules? Making a prediction is difficult, given all the changes at HHS.
Compared to the mega-breaches that hit the healthcare sector in 2015 and 2016, the top 10 breaches reported for 2017 were far smaller. Security experts analyze whether that's really a sign of progress.
In an usual move, federal regulators have made arrangements to have a cyber insurer cover a $2.3 million HIPAA penalty on behalf of a bankrupt cancer care clinic chain, 21st Century Oncology, which also signed false claims settlements totaling $26 million.
The healthcare industry (hospitals in particular) is one of the top industries targeted for cybercrime. Given the high value of a stolen healthcare record, motivated adversaries will continue to go where the money is.
Download this guide and learn:
The three most common DLP use cases in healthcare systems;
Hospitals and healthcare organizations must ensure that both their mundane and highly-sensitive information is protected and compliant, which is where content aware data loss prevention comes in.
To ensure your data is not breached, download this whitepaper and learn:
How to identify project priorities and...
When a healthcare system wanted to ensure HIPAA/EDI compliance, they undertook a risk assessment to better understand their security posture. They uncovered sensitive data being sent out over the internet instead of through a secure channel which had been set up.
Download this case study and learn how SCHS was able...
With the rise in ransomware attacks targeting healthcare organizations, the U.S. Department of Health and Human Services (HHS) has issued a guidance document that explains the basics of ransomware, what organizations should do in the event of data breach, and how to contain the attack from stealing sensitive patient...