Although major healthcare data breaches appear to be on the decline this year, losses and thefts of unencrypted devices continue to be a problem. Bill Lazarus of Stanford Medicine explains how his organization is tackling the issue.
Despite the new instructions on breach notification in the HIPAA Omnibus Rule, there's still plenty of uncertainty about what constitutes a "compromise" of data that triggers notification, says privacy attorney Adam Greene.
A breach at 97-bed Troy Regional Medical Center in Alabama spotlights why even small, cash-strapped hospitals need to ramp up their information security efforts.
Prime Healthcare Services, a 23-hospital system based in California, has agreed to pay $275,000 as part of an HHS resolution agreement in a HIPAA privacy case involving one of its hospitals.
The new HIPAA Omnibus Resource Center provides timely insights for covered entities and business associates trying to meet the Sept. 23 compliance deadline for compliance with the new rule.
Secure messaging based on the Direct Protocol may eventually be applied globally because of worldwide interest in health information exchange, some backers say. The protocol incorporates international standards.
Healthcare faces unique IT challenges. While driving down costs and improving the quality and delivery of patient care, providers must comply with a growing number of government mandates and changing industry practices around the privacy and security of PHI. This white paper explains how VMware vCloud® for Healthcare...
Intermountain Healthcare deserves praise for its gutsy leadership on information security. It's calling attention to the value of thorough risk assessments, acknowledging its need to improve security and developing best practices to share.
Intermountain Healthcare stepped up its risk assessment efforts to better identify security issues and help ensure it can pass a federal HIPAA audit. Plus, it's developing security best practices to share with others.
Many healthcare organizations can improve their risk assessments by thinking about those evaluations in a new way, says privacy and security attorney Kirk Nahra.
With promises of ramped up HIPAA enforcement by federal regulators, and changes in the breach notification rule under the HIPAA Omnibus Rule, it's time for organizations to get serious about insider risks.
Federal advisers are considering options for reinforcing the importance of risk assessments in the rules for Stage 3 of the HITECH Act's incentive program for electronic health records.
How can smaller healthcare organizations determine whether a vendor is a business associate or subcontractor directly liable for compliance under the new HIPAA Omnibus Rule? Regulatory expert Marjorie Satinsky explains.
The HIPAA Omnibus Rule streamlines the process of obtaining patients' permission for use of their information in medical research projects. Privacy attorney Adam Greene sorts through the details.
Consumer advocate Deven McGraw says many provisions in the HIPAA Omnibus Rule, including better breach notification guidance and expansion of HIPAA liability to business associates, will provide substantial benefits to patients.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.