The new omnibus rule makes it clear that business associates must comply with HIPAA. And the latest additions to the federal health data breach tally put a spotlight on why some BAs need to improve patient data protection.
In this week's breach roundup, read about the latest incidents, including the fourth major breach affecting Stanford University medical facilities and a vendor misplacing information on 6,000 Utah Medicaid clients.
In this week's breach roundup, British Columbia's health minister has confirmed personal health data for millions of individuals was accessed for research purposes without authorization, and a Canadian agency lost a device containing student loan information for almost 600,000.
In this week's breach roundup, regulators are investigating a possible breach involving Kaiser Permanente and a business associate, and hackers compromise servers at a University of North Carolina cancer center.
In this week's breach roundup, read about the latest incidents, including a California state health department breach involving Social Security numbers posted online and an e-mail hack affecting patients in the Carolinas.
The individual implementing security - the chief information officer - can't be the same as the person responsible for testing security, conducting audit and reporting on security weaknesses, South Carolina Inspector General Patrick Maley says.
President Obama's re-election paves the way for continuation of the HITECH Act EHR incentive program and provides a perfect opportunity for the administration to toughen the program's privacy and security requirements.
Connecticut is working to improve its cyber incident response, including updating its breach notification law and enacting a privacy task force. Connecticut Attorney General George Jepsen explains why.