HIPAA settlements with large financial penalties grab headlines, but the majority of regulatory actions tied to breaches and other HIPAA complaints call for no such penalties. And most complaints are dismissed. Find out why.
Taking steps to ensure patient privacy is protected as more records are exchanged among provider organizations will be a top challenge for ONC's next chief privacy officer, says the office's outgoing privacy chief, Joy Pritts.
A federal advisory panel is gearing up to tackle a number of data security, privacy and legal issues involved when accessing and exchanging the electronic health information of patients who are minors. Find out what makes those issues so complex.
Consistency in privacy and security policies will prove critical to an effort in New York to link 10 regional health information exchanges into a statewide network, says David Whitlinger, executive director of the statewide initiative.
A GOP report offers a scathing assessment of technical and management issues - including security practices - that contributed to the troubled launch of HealthCare.gov. Meanwhile, HHS announces new management positions for the Obamacare project.
If the NSA's meddling in NIST cryptography standards soiled the reputation of the National Institute of Standards and Technology, an amendment approved by the House of Representatives could help restore it.
A privacy activist's case against Facebook for allegedly sharing Europeans' personal data with the NSA in violation of EU data protection rules has been referred to the European Court of Justice for review.
Healthcare organizations that base their information security programs on HIPAA compliance are making a major blunder, says security consultant Brad Keller, who explains why that strategy is short-sighted.
The U.K. government's legal justification for spying en masse on British residents' online communications - Google searches, Facebook posts, Webmail - is questioned by privacy and Internet law experts as part of a case triggered by Edward Snowden's leaks.
It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
Joy Pritts, the first chief privacy officer at the Office of the National Coordinator for Health IT, is leaving the job after four years in the position. The move comes as ONC is revamping its structure.
A critical step in the successful implementation of role-based access control at healthcare organizations is first committing to do time-intensive prep work, says security expert Christopher Paidhrin of PeaceHealth.