Healthcare organizations need to diligently assess whether a security incident involving patient information truly qualifies as a reportable breach under HIPAA to avoid needlessly reporting it to federal regulators, says regulatory attorney Helen Oscislawski.
The American Medical Association has issued a set of privacy principles for health data that it hopes Congress and regulators will keep in mind as they prepare legislation and regulations. In an interview, AMA Board Chair Jesse Ehrenfeld, M.D., describes the recommendations.
Phishing scams continue to be a leading cause of health data breaches so far this year. But the theft of unencrypted laptops led to the biggest breach reported in 2020, and an insider breach involving a physician exposed data on thousands of patients.
Federal regulators are alerting healthcare organizations about an array of coronavirus-themed cyberthreats. Plus, they're advising them to avoid potential HIPAA privacy violations involving unauthorized disclosures of patient information to news outlets during the COVID-19 crisis.
Federal regulators are delaying implementation and enforcement of certain provisions of the interoperability and secure information sharing final rules that were issued in March, citing the COVID-19 public health emergency that is overwhelming many healthcare organizations.
Three recently disclosed health data security incidents - including the discovery of a large email hack that happened nearly a year ago - serve as reminders of the ongoing incident response challenges facing healthcare organizations. And these difficulties are likely to worsen during the COVID-19 crisis.
The use of telehealth is ramping up as a result of the COVID-19 pandemic. Now, the latest arrest in connection with a $410 million healthcare fraud case that includes a multi-million dollar telemedicine-related fraud scheme serves as a cautionary tale of how fraudsters can abuse telehealth.
Although conducting regular HIPAA security risk assessments (SRAs) may seem like a hassle, the cost of failing to conduct them and therefore failing to remediate risks is much worse. Penalties can include millions of dollars in fines, civil and criminal litigation, restitution, and damage.
Watch this webinar to...
As some cities and states recruit retired healthcare professionals, new medical school graduates and clinicians from other regions to assist in their COVID-19 responses, it's critical to ensure these workers understand the importance of protecting patient information, says privacy attorney Iliana Peters.
Healthcare professionals are on the front line in the war against COVID-19, and cybersecurity leaders bear unique pressure to support and secure their efforts. But amid this crisis, Anahi Santiago, CISO of ChristianaCare, also sees tremendous strides in telehealth delivery.
In the latest move to relax certain HIPAA requirements during the COVID-19 crisis, federal regulators Thursday paved the way for business associates to share protected health information for public health-related activities during the pandemic.
Recent HIPAA-related moves by federal regulators aim to improve information sharing and care coordination as the U.S. healthcare community battles the COVID-19 outbreak, says privacy attorney Kirk Nahra of the law firm WilmerHale. But some of the provisions could cause confusion, he notes.
The Trump administration on Tuesday announced immediate limited waivers of certain HIPAA privacy provisions to help improve patient care during the growing COVID-19 pandemic. For example, it's now OK for providers to offer telehealth services through certain applications that allow for video chats.