The failure to pass privacy legislation in the U.S. hasn't stopped regulatory agencies from taking matters into their own hands - a pattern that will continue throughout 2013, says a panel of attorneys.
The National Institute of Standards and Technology plans to develop platform options for secure health information exchange, especially among smaller providers. But how soon will the platforms be available?
In this week's breach roundup, British Columbia's health minister has confirmed personal health data for millions of individuals was accessed for research purposes without authorization, and a Canadian agency lost a device containing student loan information for almost 600,000.
The long overdue final HIPAA omnibus rule has been released. The package includes extensive modifications to the HIPAA privacy, security and enforcement rules as well as an updated version of the HIPAA breach notification rule.
Two new insider fraud cases showcase the challenges organizations face to detect and prevent crimes by trusted employees. "You need IT controls, but you need more than IT," says researcher Randy Trzeciak.
Commenters reacting to proposed HHS requirements for Stage 3 of the HITECH Act electronic health record incentive program raise a wide range of privacy and security concerns. Find out what the AMA and others had to say.
Many organizations are weighing whether cyber-insurance is a worthwhile investment. A decision on the type of policy to buy, and what it should cover, depends, in part, on the type of information that could be exposed.
The growing threat landscape exacerbates the IT security skills shortage, meaning many organizations struggle with inadequate and sometimes unqualified staff. How are security leaders addressing the crisis?
A federal advisory panel has recommended that the Office of the National Coordinator for Health IT issue guidance soon on how to verify the identities of patients seeking online access to their records.
In this week's breach roundup, regulators are investigating a possible breach involving Kaiser Permanente and a business associate, and hackers compromise servers at a University of North Carolina cancer center.