NIST's proposed update to its cybersecurity framework needs to better address specific concerns of the healthcare sector, say some industry groups commenting on the recently released draft. So, what are they asking NIST to do?
Healthcare industry organizations are again asking Congress to ease a ban that prohibits the Department of Health and Human Services from funding unique patient identifiers, saying that a failure to act will be detrimental to the success of healthcare information exchange.
A Texas-based pediatric practice is the latest healthcare entity to report a major data breach following a recent ransomware attack, despite the organization's efforts to mitigate the incident quickly.
The Department of Health and Human Services is making progress in building its new team to lead IT-related efforts, including addressing health data privacy and security matters. Among the appointments: Donald Rucker, M.D., is the new national coordinator for health IT.
What's in store for health data privacy and security initiatives in the Trump administration, now that a new leader for the HHS Office for Civil Rights, which enforces HIPAA, has been selected? Healthcare attorney Kirk Nahra, a regulatory expert, offers an assessment.
Recent settlements between New York State's attorney general office and three mobile app vendors for misleading privacy and marketing practices could have implications for other developers, especially if other states follow suit with their own enforcement actions, some legal experts say.
Since March 2016, the OCR has been increasingly aggressive in bringing enforcement actions against healthcare organizations who have had PHI compromised through data breaches.
Get this guide to learn the important aspects of the Health Information Portability and Accountability Act (HIPAA) and how an appropriate...
The Trump administration has named Roger Severino as the new director of the Department of Health and Human Services' Office for Civil Rights, which enforces HIPAA and protects patients rights. Meanwhile, it remains unclear who will lead the Office of the National Coordinator for Health IT.
Under HIPAA, the theft or loss of encrypted computing or storage devices is not considered a reportable data breach. But a recent incident at a Kentucky-based healthcare organization demonstrates that making a determination on whether an incident is a reportable breach isn't always clear-cut.
The Trump administration has called for trimming the budget for the Department of Health and Human Services by 18 percent. But what do we know so far about proposed funding for HHS initiatives designed to help ensure health data security and privacy?
Little by little, the Trump administration is filling key leadership positions in the Department of Health and Human Services that can have an impact on privacy and security issues. Could these new leaders make big changes?
An important theme that emerges from the HHS Office for Civil Rights' dozens of HIPAA settlements is that all aspects of compliance are critical and subject to close scrutiny by federal regulators, says former OCR director Leon Rodriguez.
So far in 2017, hacking incidents continue to affect the largest number of individuals impacted by major health data breaches. Meanwhile, incidents involving unencrypted computing devices continue to decline, according to the federal breach tally.