Health IT vendor Allscripts says it has reached a preliminary $145 million settlement with the Department of Justice related to the business practices of Practice Fusion, an EHR vendor the company acquired last year. Among the issues involved are HIPAA, HITECH Act and Anti-Kickback Statute compliance.
The National Association of Attorneys General is urging Congress to drop the "cumbersome, out-of-date privacy rules" contained in federal regulations on substance abuse and instead apply the "effective and more familiar" HIPAA Privacy Rule to help address the opioid crisis by easing the sharing of data.
It's been more than two months since lab companies began revealing they had patient data exposed in a data breach at American Medical Collection Agency. But new victim organizations are continuing to emerge, bringing the total to about 18.
Several large breaches involving hacking/IT incidents, including ransomware attacks, have been added in recent weeks to the federal tally of major health data breaches. Here's a rundown of the latest additions.
DirectTrust, - known for creating and maintaining the Direct protocol and trust framework for secure email in healthcare - has kicked off a new initiative to develop industry standards for secure real-time instant messaging. What are the potential benefits?
A medical center and a children's hospital in Puerto Rico are victims of a recent ransomware attack impacting a total of more than a half million individuals. The combined incident is the largest ransomware breach reported to federal regulators so far in 2019. How is this threat evolving?
Two health IT industry groups are pressing the Senate to follow the House's lead and approve legislation to lift the ban on the Department of Health and Human Services funding the development and adoption of a unique national patient identifier.
A medical equipment benefits administrator is the latest business associate to report a large health data breach affecting patients as well as healthcare providers. What can covered entities do to help prevent falling victim to BA breaches?
Health insurer Premera Blue Cross has signed a $10 million HIPAA settlement with the attorneys general of 30 states in the wake of a 2014 data breach that exposed personal information on more than 10.4 million individuals nationwide.
The relationship between American Medical Collection Agency and its laboratory clients affected by the company's data breach will be closely examined as breach-related lawsuits progress, says attorney Paul Hales, a HIPAA specialist, who explains why.
With half of 2019 in the rear-view mirror, what are the emerging healthcare data breach trends so far this year? Hacker/IT incidents continue to be the dominant cause of breaches, while another formerly common cause - lost or stolen devices - has become relatively rare, according to the federal tally.
In today's modern DevOps organizations, demonstrating security and compliance is still essential whether you are building in the cloud or on prem. As cloud infrastructure continues to evolve through the adoption of microservices and containers - demonstrating compliance becomes even more challenging.
Bipartisan healthcare legislation that a Senate health committee passed on Wednesday includes a provision that would incentivize healthcare entities to adopt "strong cybersecurity practices" by encouraging federal regulators to consider organizations' security efforts when making HIPAA enforcement decisions.
When migrating systems, data and applications to the cloud, a critical security step is to involve compliance auditors in the process as early as possible, says Thien La, CISO at Wellmark Blue Cross Blue Shield.
The House of Representatives has approved an amendment that would lift a 20-year ban on the Department of Health and Human Services funding the development or adoption of a unique, national patient identifier. But plenty of hurdles remain. Find out why this is a critical issue for CISOs as well as privacy officers.