As the Sony and Epsilon breaches show, privacy is now in the news media every day. And organizations need to be prepared to address the issue, says Trevor Hughes, executive director of the International Association of Privacy Professionals.
The California Supreme Court has ruled that a key provision of a tough state medical privacy law is not preempted by federal regulations. The evolving case, which eventually could wind up before the U.S. Supreme Court or grow into a class action case at the state level, is worth watching.
A plan to launch a national database of certain federal healthcare claims data has been revised and downsized to address some, but not all, of the concerns that privacy advocates voiced.
Danish pharmaceutical company Novo Nordisk Inc. has agreed to a $1.725 million civil settlement agreement to resolve allegations that the company accessed and misused private patient information and filed false or fraudulent Medicaid claims.
If you need one more reason to take additional steps to prevent health information breaches, here's something to consider. An attorney argues that if breaches, and their high costs, are not brought under control, "I think where we are headed is to an insurance crisis."
After hearing objections from hospitals and physicians about a proposed "opt-in" approach to obtaining patient consent for health information exchange, the Maine legislature has passed a rewritten measure that spells out rules for an "opt-out" approach.
The executive director of a Southern California health information exchange describes a pilot project that's testing whether patient identifiers make it easier to match patients to their records from multiple organizations.
A personalized medicine project leveraging genetic information holds great promise for improving patient treatment but raises certain privacy issues, says Scott Megill, CIO at the Coriell Institute for Medical Research.
Security expert Kate Borten contends the proposed accounting of disclosures rule's requirement to provide patients with a report listing those who have accessed their records is a good idea.
Revelations that Google's Gmail and Sony Pictures were both targeted by hackers highlights growing concerns about cybersecurity and the sophistication - and frequency - of attacks, as well as how to keep the public informed about such incidents.
"Just securing the data is no longer enough," says Trevor Hughes, head of the International Association of Privacy Professionals. 'Privacy professionals, in addition, need to prepare for what happens when things go wrong."
Organizations looking to improve their privacy management in the event of a breach "have to continually plan and prepare," says Nationwide's Chief Privacy Officer Kirk Herath. That means putting into writing a comprehensive plan.
The recent Sony and Epsilon breaches sent a strong reminder that companies lack transparency and aren't prepared to respond to a breach once it occurs, says Kirk Herath, Chief Privacy Officer at Nationwide Insurance Companies.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.