Healthcare organizations need to diligently assess whether a security incident involving patient information truly qualifies as a reportable breach under HIPAA to avoid needlessly reporting it to federal regulators, says regulatory attorney Helen Oscislawski.
The American Medical Association has issued a set of privacy principles for health data that it hopes Congress and regulators will keep in mind as they prepare legislation and regulations. In an interview, AMA Board Chair Jesse Ehrenfeld, M.D., describes the recommendations.
As healthcare organizations across the U.S. respond to the COVID-19 crisis, the list of security and privacy challenges CISOs face continues to grow. Mitch Parker, CISO of Indiana University Health, provides an update on the changing risk management landscape.
More than two dozen healthcare organizations and technology firms have formed a coalition to help address the COVID-19 crisis by using secure information sharing and data analysis. But observers warn the group must devote enough attention to privacy and security issues.
The Department of Health and Human Services Monday released its long-awaited interoperability and information blocking final rules. The aim of the rules is to provide patients with easy, secure access to their electronic health information - from electronic health record systems as well as from payers.
Three U.S. senators are demanding more answers from Catholic healthcare system Ascension and Google over "Project Nightingale," which is part of a controversial data-sharing and cloud migration initiative that has raised concerns about sharing patient information without explicit permission.
Despite ongoing uncertainty about the worldwide spread of the coronavirus, the Healthcare Information and Management Systems Society Conference 2020 is still slated to kick off on March 9 in Orlando - and President Trump has been added as a speaker, the organization announced on Monday.
This webinar provides attendees with an overview of machine learning services and examples of outcomes from the AWS, Google and Microsoft Azure clouds. It will address challenges and opportunities in gleaning insights from large data sets. Presenters will also share what ClearDATA is doing to help organizations make...
A home healthcare company has filed 17 breach reports after a ransomware attack on its cloud-based electronic health records vendor last December, illustrating once again how a vendor breach can have a wide impact.
Hundreds of pediatric healthcare providers in Massachusetts were still unable to access their electronic health record systems Thursday after a malware attack earlier this week on a large physician network affiliated with Boston Children's Hospital. What can others learn from the incident?
As health data privacy concerns heat up to a boiling point on multiple fronts, it's more essential than ever that patients get a clear opportunity to make a choice about whether their data is shared, says privacy advocate Twila Brase, who heads the Citizens' Council for Health Freedom.
As the wait continues for federal regulators to issue final rules for health IT interoperability and information blocking prevention, some industry stakeholders are raising serious concerns about the privacy of patient data accessed and shared using application programming interfaces and mobile consumer apps.
A federal court has invalidated certain HITECH Act provisions and Department of Health and Human Services' guidance related to patient requests for copies of their health records, creating new requirements for compliance officers and others to follow.
Federal prosecutors say Practice Fusion - a unit of Allscripts - will pay $145 million to settle civil and criminal investigations related to its electronic health records system. The case includes a kickback scheme involving opioids as well as false claims regarding HITECH Act certification compliance.