In the wake of the Supreme Court ruling, security and privacy leaders need to forge ahead with initiatives that were left in limbo while the court weighed the constitutionality of the healthcare reform law.
The Department of Health and Human Services' Office for Civil Rights has published the official protocol for ongoing HIPAA compliance audits, offering a detailed breakdown of audit procedures.
A new GAO report criticizes HHS for its tardiness in issuing guidance for how to de-identify patient data. The report also calls on HHS to spell out plans for continuing its HIPAA compliance audit program beyond this year.
The Alaska Department of Health and Social Services has agreed to pay $1.7 million to settle a HIPAA case stemming from a relatively small breach. Federal authorities listed numerous security shortcomings at the department, which oversees Medicaid in the state.
As Information Security Media Group continues to grow, veteran healthcare IT journalist Marianne Kolbasuk McGee has joined the staff as managing editor of HealthcareInfoSecurity.
Owners of critical infrastructure might be shamed into providing the necessary security to safeguard their information assets. That's one takeaway of a compromise Senate bill proposed by Democrat Sheldon Whitehouse and Republican Jon Kyl.
The initial 20 HIPAA compliance audits found that more organizations had trouble with security compliance than privacy compliance, an analysis by federal officials shows. Learn about the other findings.
Final versions of several pending federal healthcare regulations that deal, in part, with privacy and security issues will be issued soon, federal authorities say. Find out all the details.
A new report from two consumer advocacy groups identifies seven gaps in privacy protections that policymakers need to address to help support electronic health information exchange.
It's the everyday attacks, not the Flames, that are most likely to put an organization's IT infrastructure in jeopardy. Here is advice for how organizations can staff up and improve cybersecurity.
Emory Healthcare in Atlanta faces a class action lawsuit seeking more than $200 million in damages following a breach involving 10 missing unencrypted backup disks.
Developing a culture of responsibility could go a long way in helping business, not-for-profits and governments secure their organizations' information resources.
FTC settlement agreements in two cases involving data exposed on peer-to-peer networks offer a reminder of the risks involved in using the networks. Social Security numbers, healthcare information and other personal details were exposed.
LinkedIn, the social network that's investigating the pilfering of nearly 6.5 million of its members' passwords, has neither a chief information officer nor chief information security officer.
If you'd like to avoid being subjected to a federally mandated biennial data security audit for the next 20 years, you might want to make sure no one in your organization is using peer-to-peer networks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.