Truveta, a new big data collaborative research effort involving 14 U.S. healthcare providers, will share de-identified data on millions of patients in an effort to improve treatments through personalized medicine. But the project raises important privacy issues.
From both a regulatory and a security perspective, it’s not enough to simply perform a risk analysis. The HIPAA Security Rule requires and today’s rapidly evolving threat landscape demands that healthcare organizations respond to the risks identified appropriately and effectively.
Read this guide for expert...
As federal regulators intensify their focus on compliance with requirements to provide patients with access to their health information, healthcare organizations need to sort through a variety of emerging challenges, says health information management and privacy expert Rita Bowen.
The growth in the use of telehealth during the COVID-19 crisis means that healthcare providers must carefully reassess and bolster the security of the connected devices, applications and systems used, says Kelly Rozumalski of the consultancy Booz Allen Hamilton.
In the year ahead, healthcare organizations must be prepared to face an assortment of advancing security threats, including those that damage the integrity of critical patient data, says Rod Piechowski of the Healthcare Information and Management Systems Society.
The COVID-19 pandemic has spotlighted an array of evolving patient privacy issues that legislators and regulators will need to address in the year ahead, say government policy experts Mari Savickis and Cassie Leonard of the College of Healthcare Information Management Executives.
Under legislation passed by Congress this weekend that awaits President Trump's signature, HIPAA enforcers, when considering financial penalties for compliance violations, would need to determine whether an organization had implemented "recognized security practices," such as the NIST Cybersecurity Framework.
The Department of Health and Human Services last week issued its 10th settlement involving a HIPAA "right of access" case since launching its patient records access initiative last year. But how might HIPAA enforcement priorities at HHS' Office for Civil Rights change under a Biden administration?
Federal regulators have issued the final version of a five-year strategic health IT plan that sets goals and objectives focused around providing patients secure access of their health data. But what do experts think of the plan, and would it stick under a potential Biden administration?
In the latest health data breach enforcement action by a state, New Jersey regulators have slapped a supermarket cooperative with a large settlement for improper disposal of customer pharmacy information.
Despite the soaring list of customers reporting data breaches tied to the May ransomware attack on Blackbaud - and numerous legal actions filed against the company - the fundraising software vendor recently told Wall Street that it expects cyber insurance to cover the bulk of its costs associated with the incident.
Federal regulators have slapped health insurer Aetna with a $1 million HIPAA settlement for three 2017 breaches - including a mailing incident that exposed HIV information - that occurred within six months.