Federal regulators have issued detailed final rules containing provisions that allow hospitals and healthcare delivery systems to donate cybersecurity technology, such as software, hardware and services, to physician practices.
Federal regulators Thursday issued their 11th HIPAA settlement - the ninth in recent months - involving a patient right of access to records case. The resolution agreement with a Queens, New York, physician's practice calls for a $15,000 penalty and adoption of a corrective action plan.
Cybersecurity professionals operate in a dynamic environment driven by two accelerating forces; threat developments and the rapid adoption of new technologies. And yet most companies still rely on discrete snapshots of their security performance.
Healthcare organizations must cope with both forces - they have...
The Department of Health and Human Services last week issued its 10th settlement involving a HIPAA "right of access" case since launching its patient records access initiative last year. But how might HIPAA enforcement priorities at HHS' Office for Civil Rights change under a Biden administration?
Citing the stretched health IT resources and heavy workloads healthcare organizations face as a result of the COVID-19 pandemic, federal regulators are delaying compliance deadlines for information blocking and health IT interoperability regulations.
Many healthcare organizations are failing to address shortcomings in security risk management for their supply chains, says former healthcare CIO David Finn, describing findings of a recent study assessing the state of cybersecurity in the sector.
In the tenth HIPAA enforcement action in recent weeks, federal regulators have announced a $100,000 settlement in yet another case involving failure to provide a patient with timely access to their health records.
A 2014 data breach at Community Health Systems that exposed the protected health information of 6.1 million individuals has led to another round of government penalties. This time, the Franklin, Tennessee-based company has agreed to pay $5 million for a settlement with 28 state attorneys general.
In an exclusive interview, Roger Severino, director of the HHS Office for Civil Rights, which enforces HIPAA, spells out critical steps healthcare organizations must take to safeguard patient information and ensure patient safety in light of the surge in ransomware and other hacking incidents.
As the compliance dates approach for the Department of Health and Human Services' information blocking and health IT interoperability final rules, organizations need to avoid potential pitfalls, says privacy attorney Adam Greene.
Federal regulators have smacked five more healthcare organizations with financial settlements for failing to provide individuals with timely access to health information as required under HIPAA. Earlier, regulators announced two other similar settlements.
The eHealth Initiative and the Center for Democracy and Technology are seeking feedback on their draft privacy framework that addresses gaps in legal protections for consumer health data falling outside of HIPAA's regulatory umbrella, says eHI CEO Jennifer Covich Bordenick.