HIPAA settlements with large financial penalties grab headlines, but the majority of regulatory actions tied to breaches and other HIPAA complaints call for no such penalties. And most complaints are dismissed. Find out why.
A Florida law that takes effect July 1 toughens the state's data breach notification statute by, in part, broadening the term "personal information" to include individuals' usernames and e-mail addresses under certain circumstances.
A new $800,000 HIPAA settlement between federal regulators and an Indiana community health system is another reminder that protecting paper patient records is just as important as safeguarding electronic records. Find out the settlement details.
In another twist in the ongoing dispute between the FTC and LabMD, a House Committee is investigating the relationship between the commission and a security vendor that is at the center of a data security case against the medical testing lab.
It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
Joy Pritts, the first chief privacy officer at the Office of the National Coordinator for Health IT, is leaving the job after four years in the position. The move comes as ONC is revamping its structure.
As the Office of the National Coordinator for Health IT thinks through care models and broader issues of big data, Karen DeSalvo, head of the office, says it's striving to ensure privacy and security for patients.
The federal tally of major health data breaches has hit a new milestone; it now lists more than 1,000 incidents affecting 500 or more individuals. Experts weigh in on the lessons to be learned from the details of these breaches.
As the HHS Office for Civil Rights ramps up HIPAA enforcement activities, a key leader of the agency's HIPAA initiatives has retired, and the director of the agency may soon be leaving as well. Find out the very latest details.
A judge has dismissed most of the claims in a consolidated class action lawsuit stemming from the 2011 data breach involving SAIC and the military health program TRICARE, which affected 4.9 million individuals.
Federal regulators have issued a $4.8 million sanction, the largest HIPAA settlement to date, against two partnering New York healthcare organizations following a breach affecting just 6,800 individuals. Learn the details behind the tough penalty.
A new voluntary security and privacy certification program for covered entities in Texas aims to bolster compliance with HIPAA and state regulations, prevent breaches - and perhaps help organizations avoid federal sanctions.
The recent Verizon Data Breach Investigation Report notes more than 16,000 incidents in the past year where sensitive information was unintentionally exposed. "Nearly every incident involves some element of human error," the report notes.