How do companies in the healthcare industry better manage risk and keep their most valuable data safe when stolen healthcare information commands such a high price on the dark web? Download the case study, "Proactively Challenge Cyber Threats in the Healthcare Industry," to learn how this healthcare organization...
A Florida healthcare provider that treated victims of the Pulse nightclub massacre in June is notifying patients impacted by a breach involving record snooping. The incident spotlights common privacy and security challenges.
Granular patient consent policies - adopted despite HIPAA allowing certain data to be shared without explicit patient consent - can lead to less data being exchanged by healthcare entities, says researcher Julia Adler Milstein of the University of Michigan, who describes results of a new study.
A former Fla. hospital worker has been sentenced to federal prison in a case involving criminal HIPAA violations and tax fraud. Although the prosecution of HIPAA-related crimes are still rare, some experts say such cases could be on the rise.
The recent cyberattack on Banner Health Care, which may have compromised information on as many as 3.7 million individuals, appears to be the largest healthcare data breach reported so far in 2016 - a year that's already seen a string of disturbing hacker attacks. Here's an overview of recent cyberattack trends.
The Democratic Party platform calls for balancing privacy and security concerns, and vice presidential nominee Tim Kaine endorses the formation of a commission to advise Congress on developing digital security and encryption laws.
A Congressional proposal that would allow HHS to offer technical assistance to private-sector efforts aimed at solving the problem of matching the right records to the right patient could pave the way for a significant breakthrough, says Lynne Thomas Gordon, CEO of AHIMA, which represents records professionals.
A Georgia-based orthopedic clinic has confirmed it's one of the victims of cyberattacks by "The Dark Overlord" hacker who recently posted for sale copies of stolen databases he says contain millions of records. But the clinic is tight-lipped about whether it was a victim of extortion.
Evolving criminal and unscrupulous internal threats to healthcare
data networks continue to plant seeds of fear and uncertainty
in the minds of healthcare IT professionals. Those fears are wellfounded;
a recent Information Week survey found that 91 percent
of small healthcare practices in North America say they...
Breach fallout continues to mount in the aftermath of a cyberattack on cloud-based electronic health records vendor Bizmatics, which apparently affected hundreds of thousands of patients. The saga highlights important security lessons for covered entities when it comes to dealing with business associates.
HIPAA has long provided patients with the right to access their own "designated record set" of protected health information. But federal regulators are on a campaign to help patients and healthcare organizations understand records access rights, as well as the related privacy risks.
Federal regulators have released a new framework of data security principles to guide healthcare entities and researchers participating in the Obama administration's Precision Medicine Initiative. But is it enough to safeguard sensitive patient data?
After Kansas Heart Hospital suffered a ransomware infection and paid the demanded ransom, its attackers demanded more. At that point, the hospital reportedly declined to comply, relying instead on its pre-prepared backup and recovery plan.
Organizations chosen for remote "desk audits" of their HIPAA compliance, which will begin this summer, need to be prepared to quickly provide supporting documentation, Deven McGraw, deputy director of health information privacy at the HHS Office for Civil Rights, explains this in-depth audio interview.