Healthcare Information Security

Patient Privacy News

VA Patient Data Disclosure to HIEs Permitted in Proposed Rule

January 19, 2018 - The Department of Veterans Affairs (VA) published a proposed rule that would amend its current regulations on allowing patient data disclosure to health information exchanges (HIEs). The updated rule would permit VA to release a patient’s medical records to an HIE even if there is not a physical copy of the patient’s written consent. “This proposed rule would be a reinterpretation...


Articles

20% of RNs Had Patient Data Breaches, Claim Response Confidence

by

There is potentially a disconnect between healthcare professionals’ confidence in preventing patient data breaches and actually being able to do so, according to recent research from the University of Phoenix. Twenty percent of registered...

Data Security Cited in ONC Health Data Exchange Framework Praise

by

ONC’s Trusted Exchange Framework and Common Agreement (TEFCA) draft has so far been met with industry support, with organizations lauding ONC in working to strengthen trust and support for nationwide interoperability while also considering...

HHS Final Rule Differs from HIPAA Regulations on Data Sharing

by

The Department of Health and Human Services’ (HHS) Substance Abuse and Mental Health Services Administration (SAMHSA) published a final rule that simplifies data sharing for patients’ substance abuse records, differing from current...

CMS Stresses Security in Healthcare Texting Clarification

by

The Centers for Medicare and Medicaid Services (CMS) explained in a recent Survey and Certification letter that healthcare texting, specifically texting patient information to members of the care team, is only allowed through a secure platform....

2017 Updated State Data Breach Laws Account for Medical Information

by

State data breach laws can be critical for protecting sensitive data, and healthcare organizations must ensure they adhere to them along with federal regulations. The data breach notification process is a crucial aspect to state law, and can...

MA Reaches Settlement Following Medicaid Data Breach

by

New Hampshire-based Multi-State Billing Services (MSB) must pay $100,000 and improve its security practices per a consent judgment from the Massachusetts attorney general’s office. The settlement stems from a Medicaid data breach where...

Health Data Privacy Concerns Key Influence in PHI Data Sharing

by

Patients might be more willing to participate in PHI data sharing when their health data privacy concerns have been properly addressed, according to a recent study published in the Journal of Medical Internet Research. Providers must understand...

Reducing Insider Data Breach Risk with Strong IAM Policies

by

Implementing effective identity and access management (IAM) policies and controls is essential for healthcare organizations that are looking to reduce the potential of insider data breach risk, according to the OCR November 2017 Cybersecurity...

$2M Settlement Reached in Cottage Health Data Breach Case

by

Cottage Health System recently reached a $2 million settlement with the California Attorney General’s office after two separate health data breach incidents that took place in 2013 and 2015. In total, more than 50,000 patients had their...

HIPAA Info Included in Updated MD Data Breach Notification Law

by

Maryland has updated its data breach notification law, with information protected under HIPAA to be included under the definition of personal information. Should that data be compromised in a data breach, state organizations will need to notify...

CareFirst Data Breach Case Moves to US Supreme Court

by

A petition for writ of certiorari was recently filed with the US Supreme Court, pushing the CareFirst data breach case forward. CareFirst wants its case reviewed, which could potentially reignite the debate over how plaintiffs need to establish...

Increased Patient Data Access Requires Strong Health Data Security

by

As more healthcare organizations offer increased options for patient data access, it is crucial that health data security measures do not become an afterthought. HIPAA regulations allow for patients to access their own health data, but there...

Researchers Question Previous Health Data Breach Study

by

Claiming that larger healthcare facilities have a higher risk of experiencing a health data breach “neglects inherent biases in data collection and reporting practices,” according to a letter published in the Journal of the American...

FDA Urges Patient Data Access with Medical Device Information

by

Medical device manufacturers should appropriately and responsibly allow patient data access with patient information collected from devices, according to a finalized document from the Food and Drug Administration (FDA). Sharing “patient-specific...

41% of Health Data Breaches Stem from Unintended Disclosure

by

Unintended data disclosure, such as emails containing PHI sent to the wrong recipient or servers left publicly accessible, accounted for 41 percent of reported health data breaches the first nine months in 2017, according to research from Beazley....

Will Common Rule Changes Impact Health Data Security?

by

The American Medical Informatics Association (AMIA) reiterated its support of considered changes to the Federal Policy for the Protection of Human Subjects, or the Common Rule. Adjustments to the Common Rule could also have an impact on certain...

Single National Data Breach Notification Standard Proposed

by

A recently proposed bill calls for a single national data breach notification standard, which would replace the existing state notification laws and “clarify and strengthen” organizations’ reporting obligations. Rhode Island...

Will Healthcare Blockchain Resolve Data Privacy Concerns?

by

Healthcare blockchain is increasingly being viewed as a potential solution to numerous IT problems, such as connectivity issues, data privacy concerns, and patient record sharing barriers, according to a recent Black Book survey. The Black Book...

Tech Company Agrees to $264K Vermont Data Breach Settlement

by

Technology company SAManage USA, Inc. recently agreed to pay $264,000 as part of a data breach settlement with the Vermont Attorney General, following a July 2016 incident. SAManage provides cloud-based IT support, which was used by WEX Health...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks