Healthcare devices pose a huge risk to organizations and their patients, as they often ship with vulnerabilities, run unsupported operating systems, are difficult to patch and lack encryption in communication. Experts at Palo Alto Networks offer risk mitigation advice.
With a goal of better matching the right patients to all the right medical records, federal regulators have issued new draft technical specifications for standardizing how patients' physical addresses are formatted and represented in health IT systems. But could the effort present new security and privacy risks?
The Biden administration's fiscal 2022 proposed budget for the Department of Health and Human Services calls for an increase in spending to protect HHS from evolving cyberthreats as well as funding boosts to support regulatory and enforcement efforts related to health data privacy and security.
Evolving ransomware attacks pose a growing threat to the integrity of electronic health records, says Michael Hamilton, CISO at the security firm CI Security, who calls for heightened attention to EHR security.
HIPAA compliance is a complex cybersecurity standard with onerous consequences for failure. Securing Protected Health Information (PHI) at rest and in transit is the critical piece that is too often neglected until it leads to breaches of HIPAA requirements.
HIPAA’s Final Omnibus Rule in 2013 doubled the maximum...
As patients more commonly use smartphones and APIs to access their health information, critical security and privacy considerations need to be top of mind, says Micky Tripathi, the new national coordinator for health IT at HHS.
Long-awaited federal information blocking and health IT interoperability regulations went into effect this week. They are designed to give patients improved access to their records, including via smartphone apps, and make it easier for organizations to share records in an effort to improve treatment.
HHS has issued its18th enforcement action in a case involving failure to provide timely access to a patient's requested health records, demonstrating that even the smallest organizations aren't exempt from enforcement efforts.
As the compliance deadline for new regulations that require easier access to patient records approaches, regulators have issued their 17th HIPAA settlement in a case involving failure to provide a patient with timely access to records.
The former CEO and co-owner of two hospice agencies has pleaded guilty in a multimillion-dollar fraud conspiracy case that involved gaining unlawful access to patients' electronic medical records to identify and recruit Medicare and Medicaid beneficiaries for hospice care - whether or not they were terminally ill.
As the healthcare sector works to provide patients with secure access to their health information via smartphones and other devices, it must address critical identity and trust issues, says DirectTrust president and CEO Scott Stuewe.
Continuing its initiative to ensure patients can access copies of their medical records, as HIPAA requires, federal regulators on Friday issued their 16th settlement in a records access case - this one with Sharp Healthcare.
HHS has issued its 15th HIPAA settlement involving a patient's right to access their medical records. Will enforcement of HIPAA's records access provision be a priority for the Biden administration, as it was for the previous administration?
From both a regulatory and a security perspective, it’s not enough to simply perform a risk analysis. The HIPAA Security Rule requires and today’s rapidly evolving threat landscape demands that healthcare organizations respond to the risks identified appropriately and effectively.
Read this guide for expert...
A recent breach involving a legacy electronic health record system that a small specialty medical practice used before becoming part of a larger healthcare entity shows the potential security risks that can follow mergers and acquisitions.