Sometimes, even a furniture manufacturer must report a health data breach to comply with the HIPAA Breach Notification Rule. Compliance experts explain the requirements for certain employers.
Boston Children's Hospital is pioneering the use of Amazon's Alexa voice assist technology in the healthcare sector. John Brownstein, the hospital's chief innovation officer, discusses the security measures involved.
The University of Texas MD Anderson Cancer Center has filed a lawsuit arguing that a $4.3 million HIPAA penalty levied against it last year by the Department of Health and Human Services following three data breaches was unlawful. What are the main arguments?
The Department of Health and Human Services has yet to take certain critical actions to help enhance cybersecurity, according to a new GAO report that lists hundreds of recommendations for improving operations that have not been implemented.
Several industry groups have offered suggestions - ranging from better cyber information sharing to new regulatory "safe harbors" for entities complying with best practices - in response to Sen. Mark Warner's recent request seeking ideas for improving healthcare sector cybersecurity.
A small Michigan medical practice that plans to permanently shut down in the wake of a recent ransomware attack is an example of the devastation that can result from a serious cyberattack.
Guided by a "human-centered" principle, there is nothing more critical to Tri-Counties Regional Center (TCRC), than protecting and promoting the lives of those with developmental disabilities. That is why TCRC proactively secures Personal Health Information (PHI) to protect the people behind that information. Critical...
Two recent ransomware attacks on mental healthcare providers serve as reminders of the security incident response and risk mitigation pressure faced by entities handling especially sensitive patient information.
A ransomware attack last fall on a company that provides billing and other business services to health plans and hospitals resulted in a breach affecting more than 600,000 individuals, according to Michigan state officials. But what makes breach determination in ransomware attacks so difficult?
A former patient coordinator at UPMC, a medical center in Pittsburgh, has pleaded guilty to wrongfully disclosing health information in a rare case involving criminal prosecution for violating HIPAA.
Healthcare CISOs and other security and privacy leaders must carefully assess HHS' proposed new rules designed to help prevent the blocking of health information sharing and consider how they might "operationalize" the provisions within their organizations, says attorney Jodi Daniel.
A misconfigured database at UW Medicine in Washington state that left patient data exposed on the internet for several weeks resulted in a breach affecting almost 1 million individuals. Why are breaches caused by such misconfigurations so common?
Among the hundreds of responses to a federal request for comments about potential changes to the HIPAA rules were suggestions for "safe harbors" that would shelter organizations with strong security strategies from HIPAA enforcement actions after a health data breach.
As the use of artificial intelligence tools and robotics continues to grow, it's crucial for organizations to assess the potential security risks posed, says attorney Stephen Wu, who reviews key issues in an interview.
As more hospitals seek new methods for collecting payments from patients, they face the challenge of securing those transactions, says Dan Berger of AxiaMed, who describes HIPAA and PCI compliance issues in an interview at the HIMSS19 conference.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.
