Voluntary national standards, including privacy and security guidelines, for health information exchanges are inching forward. Federal authorities soon will seek comments on plans for a Nationwide Health Information Network Governance Rule.
Susan McAndrew of the HHS Office for Civil Rights provides insights about an omnibus package of regulations - including a revised version of the HIPAA breach notification rule - that's now in the final stages of review.
The UK has announced the first fine against a National Health Service unit for a breach in violation of the Data Protection Act. The Aneurin Bevan Health Board in Wales was fined Â£70,000 by the Information Commissioner's Office for sending sensitive patient information to the wrong person.
Accretive Health Inc., a Chicago-based medical debt collection agency, has filed a motion to dismiss the Minnesota attorney general's lawsuit against the company that stems, in part, from a data breach incident involving a stolen unencrypted laptop.
Among the provisions of the Federal Information Security Amendments Act, approved by a voice vote, is a requirement that agencies implement continuous monitoring of their IT systems to identify vulnerabilities before a cyber incident occurs.
Minnesota Attorney General Lori Swanson has issued a six-volume investigative report on Accretive Health Inc., a medical debt collection company that her office sued in January in connection with a data breach incident and other business practices.
What do the proposed Stage 2 rules for the HITECH Act electronic health record incentive program have to say about encryption and other security measures? Consumer advocate Deven McGraw provides an analysis.