Federal regulators have announced an $850,000 HIPAA settlement with Lahey Hospital and Medical Center stemming from an investigation into the theft of a laptop that was used to operate a medical device.
LabMD's recent victory in its long legal battle with the Federal Trade Commission will be short-lived, the medical testing lab's CEO predicts. Find out why, and what changes Michael Daugherty hopes the case will bring to FTC's enforcement practices.
Several recent data breaches involving email mishaps serve as a reminder of precautions that healthcare entities must take with protected health information contained in digital communications that are sent or received by their organizations.
As the Department of Health and Human Services gears up for its second round of HIPAA compliance audits, the focus will shift to using these audits for potential enforcement actions, including financial settlements, predicts attorney Anna Spencer.
Hartford Hospital and its business associate, EMC Corp., have agreed to pay a fine as part of a health data breach settlement with Connecticut's attorney general. Learn about the size of the financial penalty and other settlement details.
The HHS Office of Inspector General plans to more closely scrutinize federal regulators' oversight of the security controls that healthcare providers and business associates use to protect electronic patient information. It also will review FDA oversight of medical device cybersecurity.
Two final rules for the HITECH Act electronic health record incentive program strongly emphasize the value of risk assessments and encryption as measures for safeguarding patient information. Here's an analysis of the details.
The Department of Health and Human Services has released final rules for the HITECH Act electronic health record incentive program that address privacy and security issues. HHS has also released its final "interoperability roadmap" designed to guide progress toward health data exchange.
Federal regulators have launched a Web portal that provides HIPAA compliance advice for application developers, especially those developing mobile health apps. Some privacy and security experts it's an overdue step in the right direction for companies that need more guidance.
Privacy and security challenges are among the key obstacles to achieving electronic health records interoperability and nationwide secure exchange of health information, according to a new report. But a federal official tells a Senate committee efforts are underway to overcome the challenges.
The HHS Office for Civil Rights should take 10 steps to strengthen its oversight of HIPAA Privacy Rule compliance as well as improve followup activities on reported data breaches, a government watchdog agency concludes in two new reports.
It's been two years since enforcement of the HIPAA Omnibus Rule's modified breach notification requirements began. But the most significant changes in the federal tally of major health data breaches since then appear to have more to do with a surge in hacker activity than the new requirements under HIPAA Omnibus.
Federal regulators have issued a final version of a strategic health IT plan for 2015 to 2020 designed to help guide government activities. But some experts say the plan is thin on privacy and security measures, such as the need to update HIPAA to address evolving cyber threats.
As federal HIPAA enforcers increasingly scrutinize business associate compliance, BAs need to be paying close attention to the details of settlements that federal regulators are signing with covered entities for HIPAA non-compliance cases and data breaches, says privacy attorney Adam Greene.