The unauthorized deployment of an unsecured patient database is the latest instance of "shadow IT" spotlighted by a Department of Veterans Affair's watchdog agency. The incident serves as a reminder to all healthcare entities about the patient data risks posed by unsanctioned technology deployments.
Federal regulators are considering potential changes to HIPAA privacy rule and enforcement regulations, but aim to first engage the healthcare sector and public for input, says the nation's top HIPAA enforcer. So, what changes are being considered?
Facebook is facing a new controversy after some users say they've found records of phone calls and text messages in their personal files, but claim they never granted the social networking site permission to collect the data.
A class action lawsuit is seeking millions of dollars in damages for plaintiffs after yet another mailing-related health data breach involving sensitive HIV-related information allegedly visible through envelope windows.
The unfolding story of Cambridge Analytica, which shows how personal information on millions of consumers was obtained via Facebook, demonstrates the degree to which our personal data can be weaponized against us.
While the director of the HHS Office for Civil Rights says HIPAA enforcement remains a top priority for the agency, obtaining enough resources to carry out its mission is an ongoing battle, says former OCR official Deven McGraw.
The U.S. Senate is considering a banking reform bill that would ban credit agencies' practice of charging for a credit freeze, one of the crucial steps experts say can help pre-empt identity theft. Lawmakers have been under intense pressure to create laws that better protect consumers following Equifax's data breach.
Based on the feedback it received, the Office of the National Coordinator for Health IT will consider making tweaks to its proposed Trusted Exchange Framework and Common Agreement, including provisions related to privacy and security, says ONC's Genevieve Morris.
Many banking institutions boast of being "digital first" and enabling "omnichannel banking." But are they fully aware of the new fraud risks they also are inviting? Kimberly Sutherland and Kimberly White of LexisNexis Risk Solutions discuss how to mitigate omnichannel fraud.
Cybersecurity will again be in the spotlight at this year's Healthcare Information and Management Systems Society conference, March 5 to 9 in Las Vegas. The event will feature numerous CISO presentations, updates from regulators and displays of the latest technologies.
Despite the millions of dollars companies invest in cybersecurity programs, advanced persistent attackers constantly devise new means of breaking into corporate environments. How can deception technology offer a new alternative? Ofer Israeli of Illusive Networks explains.
Some healthcare industry stakeholders say the Trusted Exchange Framework that HHS proposes to promote secure, interoperable nationwide health data exchange, while a good starting point, lacks clarity on certain security and privacy issues.
Is your organization prepared for GDPR? The GDPR goes into effect this year on May 25th, 2018! It still remains to be seen exactly how it will be enforced and what specific measures organizations must take to comply. What is clear, however, is that personal data must be protected or severe penalties may be imposed....