For the second year in a row, the House of Representatives has voted to lift the ban on the Department of Health and Human Services funding the development or adoption of a unique, national patient identifier. But will it be derailed again in the Senate?
Federal regulators have slapped the Rhode Island-based health system Lifespan with a $1 million HIPAA settlement tied to a 2017 data breach involving the theft of an unencrypted laptop that potentially exposed the data of 20,000 individuals. It's the largest HIPAA enforcement action so far this year.
Federal regulators have slapped a small provider of discounted medical and dental services to underserved patients in rural North Carolina with a $25,000 HIPAA settlement in a case involving an email breach that occurred nearly a decade ago. It's only the second HIPAA settlement announced this year.
HHS has finalized changes to certain privacy provisions related to the sharing of patient records associated with federally assisted substance use disorder treatment programs. The changes aim to improve treatment of some patients addicted to opioids and similar drugs.
Healthcare provider organizations, pharmaceutical companies and medical device manufacturers all must take critical security steps to avoid becoming victims of data breaches during the COVID-19 pandemic, says technology attorney and former physicist Phil Crowley.
Why are some breach notifications delayed for months? This week, a company that operates senior care facilities in North Carolina and South Carolina issued a statement offering a step-by-step explanation.
A lawsuit filed against a small Georgia hospital by four of its nurses who allege the facility "schemed to manufacture false negative COVID-19 test results" for several patients who previously tested positive is shining a light on delicate issues involving whistleblowers and the privacy of patient records.
If the lifting of telehealth restrictions during the COVID-19 pandemic becomes permanent through new legislation or changes in government policies, what would be the potential impact on patient data privacy and security?
As healthcare organizations seek out recovered COVID-19 patients for potential donations of blood plasma containing virus antibodies to help treat other patients, they need to ensure these outreach activities comply with HIPAA privacy regulations, according to new federal guidance.
As businesses reopen, they need to carefully consider the privacy, security and legal implications of collecting COVID-19 related information from customers, employees and other individuals, says privacy attorney Iliana Peters of the law firm Polsinelli.
Healthcare organizations need to diligently assess whether a security incident involving patient information truly qualifies as a reportable breach under HIPAA to avoid needlessly reporting it to federal regulators, says regulatory attorney Helen Oscislawski.
The American Medical Association has issued a set of privacy principles for health data that it hopes Congress and regulators will keep in mind as they prepare legislation and regulations. In an interview, AMA Board Chair Jesse Ehrenfeld, M.D., describes the recommendations.
Phishing scams continue to be a leading cause of health data breaches so far this year. But the theft of unencrypted laptops led to the biggest breach reported in 2020, and an insider breach involving a physician exposed data on thousands of patients.