Although the federal information blocking rule spells out practices that are not considered violations of the regulation, healthcare entities must carefully assess the validity of privacy or security concerns before denying access, exchange or use of patient data, says attorney Adam Greene.
Legacy approaches to data security struggle to cope with the increased regulation and enhanced threat environment that healthcare organizations face because of the limitations imposed by their architectures, approaches, limited scope, and slow adoption of the modern methods required to keep healthcare organizations...
Even though the healthcare sector is clearly a major target for disruptive cyberattacks, many organizations have yet to take the necessary steps to prevent intrusions or respond to incidents, says Amit Trivedi, a director at the Healthcare Information and Management Systems Society.
Your data is leaking and it's at risk.
Data is a crucial and pervasive asset of any healthcare organization, but to safeguard your most
valuable information—as well as that of your patients—there needs to be a shift in the data security
strategy to protect what really matters: the data itself.
Your data is...
The Department of Health and Human Services needs to improve collaboration among several of its internal entities, as well as with external partners, in order to bolster cybersecurity threat intelligence sharing in the healthcare and public health sector, says a watchdog agency report.
With a goal of better matching the right patients to all the right medical records, federal regulators have issued new draft technical specifications for standardizing how patients' physical addresses are formatted and represented in health IT systems. But could the effort present new security and privacy risks?
The Biden administration's fiscal 2022 proposed budget for the Department of Health and Human Services calls for an increase in spending to protect HHS from evolving cyberthreats as well as funding boosts to support regulatory and enforcement efforts related to health data privacy and security.
HIPAA compliance is a complex cybersecurity standard with onerous consequences for failure. Securing Protected Health Information (PHI) at rest and in transit is the critical piece that is too often neglected until it leads to breaches of HIPAA requirements.
HIPAA’s Final Omnibus Rule in 2013 doubled the maximum...
As patients more commonly use smartphones and APIs to access their health information, critical security and privacy considerations need to be top of mind, says Micky Tripathi, the new national coordinator for health IT at HHS.
Long-awaited federal information blocking and health IT interoperability regulations went into effect this week. They are designed to give patients improved access to their records, including via smartphone apps, and make it easier for organizations to share records in an effort to improve treatment.
As the healthcare sector works to provide patients with secure access to their health information via smartphones and other devices, it must address critical identity and trust issues, says DirectTrust president and CEO Scott Stuewe.
From both a regulatory and a security perspective, it’s not enough to simply perform a risk analysis. The HIPAA Security Rule requires and today’s rapidly evolving threat landscape demands that healthcare organizations respond to the risks identified appropriately and effectively.
Read this guide for expert...
Micky Tripathi - a longtime health IT expert with deep roots in secure health information exchange and interoperability issues - will be the new head of the Department of Health and Human Services' Office of the National Coordinator for Health IT.
In the year ahead, healthcare organizations must be prepared to face an assortment of advancing security threats, including those that damage the integrity of critical patient data, says Rod Piechowski of the Healthcare Information and Management Systems Society.
Federal regulators have issued guidance to help clarify how HIPAA covered entities and business associates are permitted to make patient record disclosures for public health purposes to health information exchange organizations during the COVID-19 pandemic.