A recent hack of a Utah medical radiology group's network server has compromised sensitive health information of more than a half-million individuals, ranking the incident among the 20 largest health data breaches posted on the federal tally so far this year. What are the risks to patients?
A criminal hack attack has disrupted healthcare in Canada's easternmost province and resulted in the theft of patient information and personal details for healthcare employees. The province of Newfoundland and Labrador disclosed the apparent ransomware attack on Oct. 30, and has yet to restore all systems.
MITRE, the not-for-profit organization that works across governmental and federal agencies, as well as various industrial verticals and academia, has set up The Cyber Infrastructure Protection Innovation Center and The Clinical Insights Innovation Cell to protect healthcare.
The acquisition of the SAFE Identity consortium and its trust framework by DirectTrust, best known for creating and maintaining trust frameworks for secure email messaging in healthcare, will help facilitate new secure health information exchange use cases, says DirectTrust CEO Scott Stuewe.
While the wait continues for the Biden administration to name a new leader for the Department of Health and Human Services' Office for Civil Rights, the HIPAA enforcement agency recently issued its 20th settlement to date in a case involving a patient "right of access" dispute.
While a final rule for enforcement of the 21st Century Cures Act information blocking regulations is slated to be issued this month, some regulators are still uncertain that timeline will stick, or when other related unresolved details will be disclosed.
Although the federal information blocking rule spells out practices that are not considered violations of the regulation, healthcare entities must carefully assess the validity of privacy or security concerns before denying access, exchange or use of patient data, says attorney Adam Greene.
A second defendant has been sentenced for her role in a Texas conspiracy involving the theft of data from patients' electronic health records that was then sold to support fraudulent claims for payment.
Your data is leaking and it's at risk.
Data is a crucial and pervasive asset of any healthcare organization, but to safeguard your most
valuable information—as well as that of your patients—there needs to be a shift in the data security
strategy to protect what really matters: the data itself.
Your data is...
With a goal of better matching the right patients to all the right medical records, federal regulators have issued new draft technical specifications for standardizing how patients' physical addresses are formatted and represented in health IT systems. But could the effort present new security and privacy risks?
The Biden administration's fiscal 2022 proposed budget for the Department of Health and Human Services calls for an increase in spending to protect HHS from evolving cyberthreats as well as funding boosts to support regulatory and enforcement efforts related to health data privacy and security.
HIPAA compliance is a complex cybersecurity standard with onerous consequences for failure. Securing Protected Health Information (PHI) at rest and in transit is the critical piece that is too often neglected until it leads to breaches of HIPAA requirements.
HIPAA’s Final Omnibus Rule in 2013 doubled the maximum...
As patients more commonly use smartphones and APIs to access their health information, critical security and privacy considerations need to be top of mind, says Micky Tripathi, the new national coordinator for health IT at HHS.
Long-awaited federal information blocking and health IT interoperability regulations went into effect this week. They are designed to give patients improved access to their records, including via smartphone apps, and make it easier for organizations to share records in an effort to improve treatment.
HHS has issued its18th enforcement action in a case involving failure to provide timely access to a patient's requested health records, demonstrating that even the smallest organizations aren't exempt from enforcement efforts.