A breach that resulted in a $1 million HIPAA settlement led Partners Healthcare in Boston to take many significant steps, including merging its privacy and security efforts, says CISO Jennings Aske. More changes are planned for 2013.
The Walgreens drugstore chain will pay $16.6 million to settle a California case involving improper disposal of hazardous waste, as well as certain confidential patient information, in dumpsters near their stores.
In parts of Europe and Asia, privacy legislation took solid steps forward in 2012. In the U.S., however, progress has stalled. Is the U.S. at risk of falling behind when it comes to privacy protection?
Healthcare organizations need to more closely monitor how their business associates protect the security of patient information and step up risk assessments as they prepare to comply with looming HIPAA modifications, says attorney Lisa Sotto.
HIPAA compliance audits will resume within about a year once results of a recently completed pilot program are reviewed, says Leon Rodriguez, director of the Department of Health and Human Services' Office for Civil Rights.
The National Institute of Standards and Technology has published new guidance on generating cryptographic keys to help organizations protect their data with secure keys no matter the type of algorithm they choose.
In this week's breach roundup, read about the latest incidents, including a California state health department breach involving Social Security numbers posted online and an e-mail hack affecting patients in the Carolinas.
A new, private-sector electronic health record certification program will test whether software meets higher security and interoperability requirements than those for the HITECH Act's EHR incentive program.