HIPAA has long provided patients with the right to access their own "designated record set" of protected health information. But federal regulators are on a campaign to help patients and healthcare organizations understand records access rights, as well as the related privacy risks.
Healthcare entities are increasingly in the crosshairs of attackers who seek to cause business disruption. How can threat intelligence bolster cybersecurity defenses?
"Inside of healthcare, the data that's actually housed is greatly useful for a variety of nefarious purposes," says McWhorter, Chief Intelligence...
Healthcare entities are increasingly in the crosshairs of attackers who seek to cause business disruption through evolving attacks such as ransomware. It's inevitable, frankly, that many healthcare organizations will be diagnosed with ransomware. How must they prepare? What treatment is available for when they are...
The HHS Office of Civil Rights is gearing up for round two of HIPAA compliance audits. What should security leaders expect, and how should they prepare? David Holtzman of CynergisTek and Geoff Bibby of Zix offer insights and advice.
Download this interview with Hotzman and Bibby to learn about preparing for the...
Healthcare entities are increasingly in the crosshairs of attackers who seek to cause business disruption. How can threat intelligence bolster cybersecurity defenses?
"Inside of healthcare, the data that's actually housed is greatly useful for a variety of nefarious purposes," says McWhorter, Chief Intelligence...
Organizations chosen for remote "desk audits" of their HIPAA compliance, which will begin this summer, need to be prepared to quickly provide supporting documentation, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains this in-depth audio interview.
Hacker attacks in the healthcare sector so far this year generally have targeted smaller organizations and affected fewer individuals, in contrast with last year's massive hacker incidents. For example, one of the latest victims is a small physician group practice in Texas.
The $940 billion compensation awarded to Epic Systems in its case against Indian IT major TCS is unprecedented - shaking the industry out of its complacency to information security. Cyber law expert "Naavi" takes a close look at the implications for India.
Like class action lawsuits stemming from breaches of electronic health data, a new lawsuit filed in the aftermath of the loss of paper records faces slim chances of success, legal experts say. But will regulators take action in the case?
Achieving HIPAA compliance is a journey, not a destination. The regulatory landscape is constantly changing, resources are stretched beyond capacity, disparate systems make it difficult to assess and remediate gaps, and the sophistication of cybercriminals is accelerating faster than most healthcare organizations can...
Federal regulators are reminding healthcare organizations about the urgency of having plans in place to manage security issues, including data breaches, involving their business associates. The guidance is important, security experts say, because about one-fifth of major health data breaches have involved BAs.
Proposed new federal regulations would end the HITECH Act electronic health records "meaningful use" incentive program for physicians treating Medicare patients and replace it with a simplified program as part of a sweeping payment revamp. What impact would the Medicare change have on data security requirements?
Now, more than ever, managing the risks involved in working with business associates and their subcontractors should be a top priority for healthcare organizations in their efforts to safeguard patient information, says risk management expert Andrew Hicks, who explains why.
For the second time in two years, federal regulators have slapped New York Presbyterian Hospital with a multi-million dollar penalty as part of a HIPAA settlement. The latest incident involved filming of patients without their permission.
A North Carolina orthopedic clinic will pay a $750,000 penalty as part of a breach-related federal settlement involving the release of 17,300 X-ray films containing patient information to a vendor without having a business associate agreement in place, as required under HIPAA.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.