Healthcare Information Security

Health IT Security and HIPAA News

OCR Clarifies PHI Disclosure Guidance in HIPAA Privacy Rule

by

Partially due to legal confusion following the 2016 Orlando nightclub shooting, the Office for Civil Rights (OCR) has released an FAQ clarifying certain aspects of PHI disclosure policies with patients’ loved ones under the HIPAA Privacy...

LabMD Files Review Petition Against Data Breach Allegations

by

LabMD filed a petition for review on December 27, 2016, following a U.S. federal appeals court granting a stay of an FTC order in the continuing battle between the two parties over data breach allegations. The U.S. Court of Appeals for the 11th...

Breach Notification Center of Presence Health HIPAA Settlement

by

Healthcare network Presence Health recently agreed to a $475,000 OCR HIPAA settlement following a reported data breach and a subsequent delayed breach notification process. Presence submitted a breach notification report to OCR on January 31,...

Anthem Data Breach Reportedly Caused by Foreign Nation Attack

by

The large-scale cybersecurity attack on Anthem in 2015 that led to 78.8 million consumer records potentially being exposed in a data breach was caused by a foreign nation attacker, according to the California Department of Insurance. An investigation...

Healthcare Ransomware Attacks Fuel Protection Market Growth

by

As healthcare continues to digitize medical records and increase its use of ePHI, it is also making it a larger target for ransomware attacks, according to recent research. The healthcare industry is also facing more ransomware attacks than any...

Southcentral Foundation Cyberattack Affects 14K in AK

by

Alaska-based Southcentral Foundation recently announced on its website that it experienced a data breach regarding PHI on October 18, 2016. Employee email accounts were potentially accessed during a cyberattack. The incident involved the potentially...

Mass. Launches Online Data Breach Notification Archive

by

As part of the recently updated Massachusetts Public Records Law, the state’s Office of Consumer Affairs and Business Regulation made its online Data Breach Notification Archive available to the public. Governor Charlie Baker signed the...

Patient Data Breach Fear Hinders Health Data Sharing

by

As technology continues to evolve in the healthcare industry, patients may not be as accepting of tools such as patient portals and mobile apps over a fear of a data breach. A recent Black Book survey found that 57 percent of consumers who had...

Cybersecurity Challenges Key Focus in Federal Appointment

by

Last week, Thomas P. Bossert was appointed to serve as Assistant to the President for Homeland Security and Counterterrorism, and will advise the President-elect on cybersecurity challenges, homeland security, and counterterrorism. The role has...

Easing HIPAA Violation Concerns with Patient Data Access

by

While the healthcare sector continues to work toward achieving nationwide interoperability, concerns over potential HIPAA violations with regard to patient data access is also on the rise. Covered entities need to allow individuals access to...

What Happened with mHealth Security, Mobile Privacy in 2016?

by

Covered entities and business associates are continuously searching for the technologies that can improve physician workflow, while also ensuring PHI security. Mobile devices are increasing in popularity, and are quickly becoming beneficial tools...

ICIT Finds Healthcare Sector at Great Risk for DDoS Attacks

by

With its high dependency on digital records, network connectivity, accessible information, and real-time communication, healthcare is one of the sectors at greatest risk for a DDoS attack, the Institute for Critical Infrastructure Technology...

What Should Entities Expect for Healthcare Security in 2017?

by

We can spend the entirety of this article discussing all of the breaches, security holes, and data loss that happened within healthcare this year alone. There are plenty of examples around encryption, physical device loss, lost user accounts,...

New Hampshire Hospital Data Breach Affects 15K Patients

by

A patient at New Hampshire Hospital reportedly hacked into the New Hampshire Department Of Health And Human Services (DHHS), posting information online and creating a potential data breach for 15,000 individuals. DHHS said in an online statement...

FDA Finalizes Medical Device Cybersecurity Guidance

by

An effective medical device cybersecurity risk management program needs to include premarket and postmarket lifecycle phases, according to recent guidance from the Food and Drug Administration (FDA). Furthermore, cybersecurity should be addressed...

Protecting Healthcare Physical Assets Containing PHI

by

Administrators are actively looking into more ways to protect their virtual machines, their data points, and all of those logical resources that the organization relies upon. As the healthcare entity becomes even more digitized, we must never...

Maintaining Data Security with Cloud Computing Options

by

Cloud computing is quickly becoming a popular option for healthcare organizations, including both covered entities and business associates. Offsite storage can aid data security measures, but the information can still be accessed from numerous...

ONC Explains Patient Data Access, HIPAA in Latest Report

by

While health IT has made progress on standards and economic incentives, concerns over HIPAA rules and patient data access can be a hindrance on the continued push toward nationwide interoperability, according to a recent report from the Office...

NIST Cybersecurity Guide Highlights Recovery, Restoration Plan

by

Properly developing and implementing recovery plans, processes, and procedures will help organizations fully restore a system weakened during a cybersecurity event, the National Institute of Standards and Technology (NIST) explained in a recent...

DirectTrust Voices Concern for Cybersecurity in Healthcare

by

The new administration needs to understand the importance of creating strong cybersecurity measures in healthcare, according to DirectTrust. Encryption, authentication, and identity management are all critical requirements to help policy and...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks