Businesses targeted by ransomware attacks are increasingly willing to negotiate with - and even pay - their extortionists. But negotiating with cyberthieves is never a good idea.
Auxilio Inc., best known for its managed print services to hospitals and other healthcare entities, is acquiring Redspin, a provider of HIPAA risk assessment services.
The proposed rules for Stage 3 of the HITECH Act "meaningful use" electronic health record incentive program come up short on privacy and security. But regulators have time to fix that.
Some security experts are concerned that narrower risk assessment requirements in a proposed Stage 3 rule for the HITECH Act EHR incentive program could confuse healthcare entities about the importance of conducting a broad HIPAA risk assessment.
The addition of the Anthem Inc. hacking incident to the federal tally of major health data breaches triples the number of breach victims tracked since 2009. And the tally likely will soon include more hacking incidents, based on recent reports.
While federal regulators flesh out details of a "roadmap" for electronic health record interoperability, five GOP senators are demanding that more attention be paid to the security and privacy of patient data as it's shared among healthcare providers.
A recent blog about payments security generated a spirited debate about the current state of merchant security, why card breaches continue to be an issue and EMV's impact on fraud.
A recent incident involving disposed in a vendor's dumpster is an example of why healthcare organizations say business associates taking inadequate security steps ranks as their No. 1 perceived breach threat today.
The inappropriate use and disclosure of patient information for marketing purposes by an insurer in Tennessee offers a reminder of the importance of complying with HIPAA's marketing-related provisions.
Preliminary results of the fourth annual Healthcare Information Security Today survey indicate that information security leaders have big concerns about their business associates. There's still time left to participate in the study.
As healthcare organizations step up their efforts this year to exchange more patient data with others to improve care, it's urgent that they address the "significant risks" involved, says Erik Devine, chief security officer at an Illinois hospital.
Healthcare organizations and their business associates need to make three important resolutions in 2015 to better safeguard patient data and avoid the enforcement wrath of regulators.
After the complete collapse of network security at Sony Pictures - in the wake of its data breach - it's important that we highlight some of the organization's fundamental security mistakes. Here's a macro view of the lessons we must all learn.
In the wake of a data breach that followed a routine regulatory, a former regulator is asking why the agency failed to disclose the breach sooner, and why it has not accepted more responsibility for its error.
An FTC settlement with a medical billing company shines a spotlight on deceptive practices related to the collection and disclosure of patient's personal health information. What can healthcare providers learn from the settlement?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.