Federal regulators are reportedly investigating whether a physician in Virginia violated HIPAA privacy regulations by using patient information to help her campaign for the state senate.
An alert issued - and then yanked - by the FBI about fraud vulnerabilities linked to EMV chip cards is reigniting the debate between bankers and retailers over whether EMV in the U.S. should be chip-and-PIN or chip-and-signature.
Two final rules for the HITECH Act electronic health record incentive program strongly emphasize the value of risk assessments and encryption as measures for safeguarding patient information. Here's an analysis of the details.
Federal regulators have launched a Web portal that provides HIPAA compliance advice for application developers, especially those developing mobile health apps. Some privacy and security experts it's an overdue step in the right direction for companies that need more guidance.
Privacy and security challenges are among the key obstacles to achieving electronic health records interoperability and nationwide secure exchange of health information, according to a new report. But a federal official tells a Senate committee efforts are underway to overcome the challenges.
The HHS Office for Civil Rights should take 10 steps to strengthen its oversight of HIPAA Privacy Rule compliance as well as improve followup activities on reported data breaches, a government watchdog agency concludes in two new reports.
It's been two years since enforcement of the HIPAA Omnibus Rule's modified breach notification requirements began. But the most significant changes in the federal tally of major health data breaches since then appear to have more to do with a surge in hacker activity than the new requirements under HIPAA Omnibus.
Federal regulators have issued a final version of a strategic health IT plan for 2015 to 2020 designed to help guide government activities. But some experts say the plan is thin on privacy and security measures, such as the need to update HIPAA to address evolving cyber threats.
As federal HIPAA enforcers increasingly scrutinize business associate compliance, BAs need to be paying close attention to the details of settlements that federal regulators are signing with covered entities for HIPAA non-compliance cases and data breaches, says privacy attorney Adam Greene.
The human element has been referred to as the weakest link in the security chain. Do advances in applying analytics to human behavior hold the key to reducing risks?
Security experts trace many of the world's cybercrime attacks to Russia. But Russian authorities never extradite suspects, and they allow hackers to operate with impunity - if they play by some ground rules.
Adjusting risk management strategies in the aftermath of the newly discovered hacker attack on Excellus BlueCross BlueShield, as well as other recent massive cyber-attacks, will be among the hot topics discussed at the Healthcare Information Security Summit in San Francisco on Sept. 17.
The urgency of shifting to EMV to reduce card fraud is one of many hot topics on the agenda at Information Security Media Group's Fraud Summit San Francisco, to be held Sept. 15. Keynoter Eduardo Perez of Visa will kick things off with an in-depth analysis of the migration to EMV.
To prepare for next year's resumption of HIPAA compliance audits, organizations must be ready to demonstrate how they're complying with the revised breach notification rule and how they're providing patients with electronic access to records, says attorney David Holtzman.
If there's one thing federal regulators want to drill into the heads of covered entities and business associates about data breach prevention, it's this: Stop procrastinating, and conduct a risk analysis and encrypt most of your computing devices right away.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.