How do companies in the healthcare industry better manage risk and keep their most valuable data safe when stolen healthcare information commands such a high price on the dark web? Download the case study, "Proactively Challenge Cyber Threats in the Healthcare Industry," to learn how this healthcare organization...
Many healthcare professionals have asked the question: Is there
such a thing as a HIPAA-compliant cloud? The short answer is yes.
With mature cloud providers, the ability to design, implement
and manage governance rules for data and procedures is baked
into the architecture. Issues such as physical and network...
Many healthcare organizations embark on cloud migrations
to achieve scalability, cost-efficiency, and higher application
performance. But migrating applications to the cloud can be a
complex process, so maintaining HIPAA compliance and maximizing PHI security are
always key considerations.
Download this white...
To know where healthcare IT security is going - and what it needs
to protect in 2017 and beyond - it's instructive to take a look at
where we've been.
In general, compromised credentials remain
the leading source of intrusion across industries. Specific to
healthcare, the top three sources of unauthorized data...
Granular patient consent policies - adopted despite HIPAA allowing certain data to be shared without explicit patient consent - can lead to less data being exchanged by healthcare entities, says researcher Julia Adler Milstein of the University of Michigan, who describes results of a new study.
A former Fla. hospital worker has been sentenced to federal prison in a case involving criminal HIPAA violations and tax fraud. Although the prosecution of HIPAA-related crimes are still rare, some experts say such cases could be on the rise.
In the largest HIPAA settlement to date, federal regulators have smacked Chicago-based Advocate Health Care with a $5.5 million fine in the wake of an investigation into three 2013 breaches. The settlement is HHS's tenth HIPAA enforcement action this year.
Arizona-based Banner Health, which operates 29 hospitals, says it's notifying 3.7 million individuals that their data was exposed in a "sophisticated cyberattack." An initial attack against payment card processing systems apparently opened the door to the attackers accessing healthcare data.
New federal guidance that describes processes in the current round of HIPAA compliance audits - which could lay the foundation for future rounds of audits - illustrates the massive amount of documentation demanded for these "desk audits."
Healthcare, more than any other industry, is increasingly in the crosshairs of attackers who seek to cause business disruption through evolving attacks such as ransomware. It's inevitable, frankly, that the vast majority of healthcare organizations will be diagnosed with ransomware. How must they prepare? What...
A Congressional proposal that would allow HHS to offer technical assistance to private-sector efforts aimed at solving the problem of matching the right records to the right patient could pave the way for a significant breakthrough, says Lynne Thomas Gordon, CEO of AHIMA, which represents records professionals.
The nation's HIPAA enforcement agency has dramatically ramped up its issuance of breach-related financial penalties. In the ninth enforcement action of 2016, it slapped University of Mississippi Medical Center with a $2.75 million fine after a breach investigation revealed big security woes.
Mobile health applications, wearable fitness trackers and even social media sites are creating new privacy risks for health information because the data collected, shared and used falls outside the regulatory scope of HIPAA, says Lucia Savage of the Office of the National Coordinator for Health IT.
The federal agency that enforces HIPAA has been very busy lately, taking numerous steps to reiterate the importance of safeguarding patient data and stressing the need to prepare a breach response plan. But the agency still needs to improve transparency on breaches involving business associates.