The House of Representatives has approved an amendment that would lift a 20-year ban on the Department of Health and Human Services funding the development or adoption of a unique, national patient identifier. But plenty of hurdles remain. Find out why this is a critical issue for CISOs as well as privacy officers.
License plate and traveler photos collected at the U.S. border have been compromised after a federal government subcontractor was hacked. While Customs and Border Protection officials claim the image data hasn't been seen online, security experts say it's already available for download via a darknet site.
What stands out most about a proposed $74 million settlement of a class action lawsuit against Premera Blue Cross in the wake of a 2014 data breach? Technology attorney Steven Teppler offers insights in this interview.
As part of healthcare's digital transformation, payers and providers alike have rolled out patient portals and telemedicine platforms to increase access to care, improve patient participation and decrease healthcare administrative costs.
How secure are these portals? What types of authentication protocols are used to...
The White House budget chief is seeking to delay a ban on the U.S. government using products manufactured by Huawei. In a letter to Vice President Mike Pence, Russell T. Vought, the acting director of the Office of Management and Budget, says organizations need more time to switch suppliers.
One year after the EU's General Data Protection Regulation went into full effect, data protection experts gathered at the European Data Protection Summit in London to review the state of privacy - not just in the U.K. and Europe but across the world. Here are eight takeaways.
A Kansas hospital has agreed to pay $250,000 to settle allegations that it falsely attested to conducting a security risk analysis as required under the HITECH Act electronic health records financial incentives program. Two whistleblowers in the case will receive $50,000 from the settlement.
A data breach at American Medical Collection Agency has affected nearly 12 million patients who had lab tests performed by Quest Diagnostics, exposing a wealth of information, including Social Security numbers.
A proposed $74 million settlement of a consolidated class action lawsuit against Premera Blue Cross after a 2014 data breach that affected nearly 11 million individuals includes $32 million for breach victims and also would require the health insurer to invest $42 million to bolster data security.
Infosecurity Europe returns to London June 4-6, featuring more than 230 sessions over three days covering a range of topics, including application security, automation, data protection, risk management, incident response and threat analysis. Here's a preview of 11 hot sessions.
Cloud-based electronic health records vendor Medical Informatics Engineering has signed a $900,000 settlement with 16 state attorneys general in a case involving the same 2015 data breach that was at the center of a recent $100,000 settlement with a federal regulator.
One year after Europe's tough new GDPR privacy law went into full effect, authorities in Britain have seen the number of annual data breach notifications more than quadruple. Meanwhile, the number of data protection complaints filed by Europeans has doubled.
Federal regulators have issued new guidance clarifying when a business associate can be held directly liable for compliance with the HIPAA privacy, security and breach notification rules. Why is there still so much confusion?