When a healthcare system wanted to ensure HIPAA/EDI compliance, they undertook a risk assessment to better understand their security posture. They uncovered sensitive data being sent out over the internet instead of through a secure channel which had been set up.
Download this case study and learn how SCHS was able...
With the rise in ransomware attacks targeting healthcare organizations, the U.S. Department of Health and Human Services (HHS) has issued a guidance document that explains the basics of ransomware, what organizations should do in the event of data breach, and how to contain the attack from stealing sensitive patient...
Healthcare is the only industry where employees are the primary reason for a data breach. A variety of motives including monetary gain, negligence or the need to access patient data quickly lead to Patient Health Information (PHI) loss.
Download this whitepaper and learn:
Real world scenarios that put PHI data at...
Complicating healthcare compliance efforts is the growing trend of migrating patient data to cloud storage and hosted applications such as Health Information Exchange systems. The cloud lowers costs and improves efficiency, but widens the attack surface for data breaches.
To counter this challenge, download this...
Healthcare technology has made leaps and bounds in terms of its ability to improve patient outcomes, and yet many technologies are being deployed before security concerns can catch up.
Two Indiana attorneys, frustrated by delays in obtaining patient records on behalf of clients, are seeking more than $1 billion in damages in a lawsuit alleging 60 hospitals in the state fraudulently received HITECH Act electronic health record incentive payments.
The California attorney general's office has smacked Cottage Health System with a $2 million settlement in the wake of breaches in 2013 and 2015. What lessons can be learned from this significant enforcement action?
Every new cybersecurity regulation includes at least some emphasis on improving vendor risk management. But what happens when vendors balk at the extra degree of scrutiny required? Moffitt Cancer Center's Dave Summitt describes his risk-based approach to business associates.
HealthcareInfoSecurity Executive Editor Marianne Kolbasuk McGee reflects on the just-concluded Healthcare Security Summit in New York in the latest edition of the ISMG Security Report. Also, PCI Security Standards Council CTO Troy Leach addresses ransomware risks.
Clearly, adherence to HIPAA, NIST and other regulators in healthcare is paramount, but that does not mean that your organization isn't vulnerable to cybercrime hacking. When the average breach is worth $3.62 million with $380 per patient record compromised (as per Ponemon's 2017 Cost of
a Data Breach Report), the...
Longtime privacy advocate Deven McGraw has left her positions leading health information privacy efforts at the Department of Health and Human Services. What's next for privacy leadership at HHS?
A lawn mower engine manufacturer's notification to federal regulators of a health data breach impacting thousands of its workers highlights the HIPAA compliance duties for businesses that are self-insured for healthcare.
Key gaps in how healthcare entities defend against cybercrime hacking have emerged. Even organizations strictly adherent to HIPAA, NIST or other regulators are still unaware of how their practices compare to their industry peers and whether or not they are lagging behind.
Has your organization assessed and mitigated...
A bipartisan group of five senators has asked a watchdog agency to produce "clear recommendations" for how to make sure the right patients are matched to the right records to help improve the quality of care and crack down on medical and identity fraud. But will that require a national patient identifier?
How do you balance privacy with data exchange among clinicians, access for patients and medical breakthroughs for researchers? This session examines whether there's a "right balance" for protecting patients' confidentiality, bolstering cybersecurity and providing individuals with access to their own health data, while...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.