As HHS weighs potential modifications to the HIPAA Privacy Rule, regulators must consider aligning those changes with other health data regulations that deal with privacy, patient access to records and secure exchange of electronic health information, some industry groups commenting on the proposal say.
The National Institute of Standards and Technology is seeking public comment as it plans to update its 2008 guidance for implementing the HIPAA Security Rule. But is it time to update the security rule itself?
A proposed privacy framework from the eHealth Initiative & Foundation and the Center for Democracy and Technology aims to set standards for the collection, disclosure and use of health data that falls outside the protection of HIPAA, says attorney Andrew Crawford of CDT.
HHS has issued its18th enforcement action in a case involving failure to provide timely access to a patient's requested health records, demonstrating that even the smallest organizations aren't exempt from enforcement efforts.
As the compliance deadline for new regulations that require easier access to patient records approaches, regulators have issued their 17th HIPAA settlement in a case involving failure to provide a patient with timely access to records.
The former CEO and co-owner of two hospice agencies has pleaded guilty in a multimillion-dollar fraud conspiracy case that involved gaining unlawful access to patients' electronic medical records to identify and recruit Medicare and Medicaid beneficiaries for hospice care - whether or not they were terminally ill.
As the list of healthcare sector entities affected by the recent hacking of Accellion's File Transfer Appliance platform continues to grow, the technology vendor faces a lawsuit filed by one of its affected clients, health insurer Centene Corp.
Hacking incidents - including ransomware attacks, phishing scams and episodes involving vendors - are still the dominant culprits in major health data breaches being reported to federal regulators so far this year. Why?
A coalition of 41 state attorneys general has reached a settlement with American Medical Collection Agency in the wake of a 2018 data breach that compromised the data of 21 million individuals and pushed the company to file for bankruptcy.
Proposed changes to the HIPAA Privacy Rule could weaken patient data privacy protections, say Rita Bowen and Zachary Perry of the Association of Health Information Outsourcing Services, who explain why in this joint interview.
Truveta, a new big data collaborative research effort involving 14 U.S. healthcare providers, will share de-identified data on millions of patients in an effort to improve treatments through personalized medicine. But the project raises important privacy issues.
A Georgia man has been sentenced to federal prison in an unusual case in which he portrayed himself as a whistleblower while falsely reporting to authorities that a hospital worker committed criminal HIPAA violations.
Many of the major health data breaches added to the federal tally so far this year involve business associates, continuing a trend in recent years. The largest of those is an incident reported by a children's health and dental insurance plan provider involving a website hosting vendor.