As the HHS Office for Civil Rights ramps up HIPAA enforcement activities, a key leader of the agency's HIPAA initiatives has retired, and the director of the agency may soon be leaving as well. Find out the very latest details.
A judge has dismissed most of the claims in a consolidated class action lawsuit stemming from the 2011 data breach involving SAIC and the military health program TRICARE, which affected 4.9 million individuals.
Federal regulators are considering whether data segmentation technology that protects sensitive patient information when it's exchanged should be required for electronic health record software certified for the HITECH Act incentive program.
Federal regulators have issued a $4.8 million sanction, the largest HIPAA settlement to date, against two partnering New York healthcare organizations following a breach affecting just 6,800 individuals. Learn the details behind the tough penalty.
Many health data breaches still go undetected and unreported, says security expert Kate Borten, who analyzes findings from the recent 2014 Healthcare Information Security Today survey.
Cris Ewell, CISO of Seattle Children's Hospital, offers a detailed explanation of how to build an effective incident response plan - an essential component of HIPAA Omnibus Rule compliance.
While security technologies can help safeguard systems and data, breach prevention and compliance programs also depend on workforce security awareness. Here are some simple steps to take.
A breach involving the posting of information about 15,000 Boston Medical Center patients on a transcription firm's unsecured website serves as a reminder of the importance of monitoring the security practices of business associates.
A new voluntary security and privacy certification program for covered entities in Texas aims to bolster compliance with HIPAA and state regulations, prevent breaches - and perhaps help organizations avoid federal sanctions.
Business associate agreements should not be a dumping ground for healthcare entities to make demands on their vendors with provisions that go beyond specific HIPAA privacy and security regulations, says attorney Gerry Hinkley.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.
In the five years since the HITECH Act was signed into law, there have been some major successes and disappointments concerning health information security and privacy, says Joy Pritts of the Office of the National Coordinator for Health IT.
The federal tally of major breaches continues to grow. But even relatively small breaches can result in tough federal sanctions, as settlements announced earlier this week show.
Federal regulators have slapped hefty HIPAA enforcement fines against two covered entities that had relatively small breaches involving stolen unencrypted laptop computers.
As a result of the HIPAA Omnibus Rule's new breach notification guidelines that went into effect last year, business associates need to take certain steps when notifying covered entities of incidents, says security expert Brian Evans.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.