A U.K. tabloid newspaper is reporting that a contractor that provides services to the National Health System has been attacked by a hacker who claims to have stolen 1.2 million patient records. But the contractor claims it was the victim of a much smaller breach and no patient records were accessed.
An Atlanta-based neurological practice is the latest healthcare organization to recover from a ransomware attack, only to discover it was the victim of a significant earlier hacking incident. What are the lessons to learn?
Inappropriate access to electronic patient records by a clerk for 14 years at a state-run psychiatric facility in Massachusetts shows just how difficult it can be to detect and prevent long-term breaches involving insiders.
The effort to improve the matching of patients to all the right records from multiple sources may get a new boost from Congress. Learn about the latest effort to help ensure clinicians have secure access to all the right records for the right patient - and the implications for CISOs.
While the U.K. is beefing up funding for hospital cybersecurity, in the U.S., some Congressional leaders are pushing for moves that could have the unintended consequence of sapping security investments by some healthcare providers.
Two GOP senators are asking federal regulators to recoup potentially millions of dollars worth of allegedly inappropriate EHR incentive payments made under the HITECH Act. If the money is clawed back, what's the potential impact on data security spending?
Although the Office of the National Coordinator for Health IT is phasing out its chief privacy officer position, a focus on data security and privacy will continue to be interwoven into all the work the office does, including electronic health record interoperability efforts, the head of the office pledges.
Regulators will not penalize healthcare providers that attested to meeting HITECH Act "meaningful use" incentive payment requirements using electronic health records from eClinicalWorks, a vendor that recently settled a false claims case with federal prosecutors.
A watchdog agency's estimate that as much as $729 million worth of HITECH Act incentive payments might have been paid to doctors who failed to provide proof that they were meeting requirements for meaningful use of EHRs - including risk assessments - is raising questions about the program's accountability.
The Department of Veteran Affairs' implementation of an electronic health records system from the same vendor used by the Department of Defense likely will improve the security of vets' health data, but the move presents many new challenges, some health data security experts say.
Despite being one of the most heavily regulated industries, Healthcare companies still struggle to assess their risk at more than a surface level. A good assessment has to include people, policies, procedures, controls and technologies. The task is daunting but increasingly critical.
Download this case study...