Federal regulators have smacked five more healthcare organizations with financial settlements for failing to provide individuals with timely access to health information as required under HIPAA. Earlier, regulators announced two other similar settlements.
The eHealth Initiative and the Center for Democracy and Technology are seeking feedback on their draft privacy framework that addresses gaps in legal protections for consumer health data falling outside of HIPAA's regulatory umbrella, says eHI CEO Jennifer Covich Bordenick.
What privacy and security issues are raised by patients using smartphone apps to access health records? Attorney Helen Oscislawski and security expert Jarrett Kolthoff offer an analysis.
Federal prosecutors say an electronic health records vendor has agreed to pay $500,000 to settle a whistleblower case about the software maker allegedly falsifying testing results in 2015 to obtain certification for participation in the HITECH Act meaningful use incentive program.
The Department of Health and Human Services' Office for Civil Rights plans to issue a notice of proposed rulemaking to modify the HIPAA rules before the end of the year, says Timothy Noonan, the agency's deputy director for health information privacy.
Several health IT industry groups are urging the FTC to update its health data breach notification rule, designed to cover health data not protected under HIPAA, to better address technological developments and regulatory gaps that have evolved since the rule was implemented a decade ago.
Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.
Rep. Bill Foster, D-Ill., who has twice introduced a measure to pave the way for a national patient identifier, explains in an in-depth interview why he believes such an ID is essential.
An executive order President Donald Trump signed Monday that's designed as a first step toward potential long-term expansion of the use of telehealth could prompt renewed attention to related privacy and security issues.
In an exclusive, wide-ranging video interview, Don Rucker, M.D., HHS national coordinator for health IT, discusses why more work needs to be done to protect the privacy of health data as well as why the U.S. needs to ramp up secure health information exchange among clinicians.
Your patients and members are today's consumers, and they expect seamless user experiences. But you can't meet their demands at the expense of security. You must remain a stalwart steward of protected health information (PHI) and personally identifiable information (PII). The distributed nature of healthcare delivery...
HHS has finalized changes to certain privacy provisions related to the sharing of patient records associated with federally assisted substance use disorder treatment programs. The changes aim to improve treatment of some patients addicted to opioids and similar drugs.
The Department of Health and Human Services' privacy and security regulatory priorities for the rest of this year include tackling some long-stalled projects. Here's a rundown of the to-do list.
Healthcare organizations need to diligently assess whether a security incident involving patient information truly qualifies as a reportable breach under HIPAA to avoid needlessly reporting it to federal regulators, says regulatory attorney Helen Oscislawski.
The American Medical Association has issued a set of privacy principles for health data that it hopes Congress and regulators will keep in mind as they prepare legislation and regulations. In an interview, AMA Board Chair Jesse Ehrenfeld, M.D., describes the recommendations.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.
