As health data privacy concerns heat up to a boiling point on multiple fronts, it's more essential than ever that patients get a clear opportunity to make a choice about whether their data is shared, says privacy advocate Twila Brase, who heads the Citizens' Council for Health Freedom.
As the wait continues for federal regulators to issue final rules for health IT interoperability and information blocking prevention, some industry stakeholders are raising serious concerns about the privacy of patient data accessed and shared using application programming interfaces and mobile consumer apps.
Facebook has agreed to pay $550 million to settle a class action lawsuit alleging the company violated Illinois law in collecting data for a facial recognition tool without users' consent.
A federal court has invalidated certain HITECH Act provisions and Department of Health and Human Services' guidance related to patient requests for copies of their health records, creating new requirements for compliance officers and others to follow.
Deception technologies offer a way to shift away from a purely defensive "detect and response" posture toward a more proactive offensive approach that draws stealth cyberattackers into the open before a breach.
Securing medical devices properly is of crucial importance. However, before this goal can be completely achieved, there are several challenges to overcome.
Federal prosecutors say Practice Fusion - a unit of Allscripts - will pay $145 million to settle civil and criminal investigations related to its electronic health records system. The case includes a kickback scheme involving opioids as well as false claims regarding HITECH Act certification compliance.
Many companies that should be offering customers the ability to "opt out" of the sale of their information under the California Consumer Privacy Act are failing to do so because of the law's ambiguities, some legal experts say. CCPA went into effect Jan. 1, but it won't be enforced until July.
A California healthcare provider took nearly seven months to report to regulators a phishing incident that exposed information on 200,000 patients. Security experts are analyzing whether the delay could be justifiable.
Apple previously scuttled plans to add end-to-end encryption to iCloud backups, Reuters reports, noting that such a move would have complicated law enforcement investigations. But the apparent olive branch hasn't caused the U.S. government to stop vilifying strong encryption and the technology giants that provide it.
Since the EU's General Data Protection Regulation went into full effect in May 2018, European data protection authorities have received more than 160,900 data breach reports and imposed $126 million in fines under GDPR for a wide variety of infringements, not all involving data breaches.
Three weeks into the new year, several hacking incidents involving email have already been added to the federal tally of major health data breaches. How should organizations stay one step ahead?
Maryland lawmakers are considering a bill that would make possession of ransomware a crime punishable by up to 10 years in prison, similar to moves at least two other states have already made. But is such legislation effective?
A bipartisan group of U.S. senators has introduced legislation that would require the Department of Homeland Security to appoint cybersecurity leaders in each state to help combat growing cyberthreats against units of local government.
A federal judge in Atlanta has given final approval to a settlement that resolves a class action lawsuit against credit bureau Equifax, which in 2017 suffered one of the largest data breaches in history. The minimum cost to Equifax will be $1.38 billion.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.