Healthcare organizations that base their information security programs on HIPAA compliance are making a major blunder, says security consultant Brad Keller, who explains why that strategy is short-sighted.
The U.K. government's legal justification for spying en masse on British residents' online communications - Google searches, Facebook posts, Webmail - is questioned by privacy and Internet law experts as part of a case triggered by Edward Snowden's leaks.
It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
Joy Pritts, the first chief privacy officer at the Office of the National Coordinator for Health IT, is leaving the job after four years in the position. The move comes as ONC is revamping its structure.
A critical step in the successful implementation of role-based access control at healthcare organizations is first committing to do time-intensive prep work, says security expert Christopher Paidhrin of PeaceHealth.
As the Office of the National Coordinator for Health IT thinks through care models and broader issues of big data, Karen DeSalvo, head of the office, says it's striving to ensure privacy and security for patients.
A federal advisory panel has taken a small step toward establishing voluntary electronic health records software certification requirements designed to help pave the way for securely exchanging behavioral health information.
The Office of the National Coordinator for Health IT has unveiled its 10-year plan for achieving an interoperable, nationwide health IT infrastructure. The plan includes privacy and security among five core building blocks.
After receiving much criticism over the privacy and security provisions for HealthCare.gov, it's good to see HHS taking action to help ensure that "navigators" who assist consumers with getting insurance coverage adequately protect patient privacy.
Under a new rule setting standards for the Obamacare health insurance exchanges, those who provide consumers with insurance enrollment assistance and then improperly disclose personally identifiable information can face civil monetary penalties.