Your data is leaking and it's at risk.
Data is a crucial and pervasive asset of any healthcare organization, but to safeguard your most
valuable information—as well as that of your patients—there needs to be a shift in the data security
strategy to protect what really matters: the data itself.
Your data is...
Two states have recently taken steps to bolster cybersecurity and data privacy protections. Connecticut has enacted a law designed to give certain legal protections to businesses that adhere to cybersecurity frameworks. And a new data privacy law in Colorado allows individuals to opt out of data collection.
You see the news: how many healthcare entities are struck by ransomware. But how many of them conducted business impact analyses before they were victims? Too few, says Cathie Brown of Clearwater. She discusses the value of doing a BIA before the crisis strikes.
The recent decision by a Massachusetts-based hospital to pay a ransom in exchange for promises by the attackers to destroy stolen data spotlights the difficult choices many healthcare entities face in the wake of cyberattacks.
A data security incident involving a Canada-based insurer that provides comprehensive health coverage to students studying abroad shines a light on complex international regulatory issues companies can face in the wake of a data breach.
HIPAA compliance is a complex cybersecurity standard with onerous consequences for failure. Securing Protected Health Information (PHI) at rest and in transit is the critical piece that is too often neglected until it leads to breaches of HIPAA requirements.
HIPAA’s Final Omnibus Rule in 2013 doubled the maximum...
The National Institute of Standards and Technology is seeking public comment as it plans to update its 2008 guidance for implementing the HIPAA Security Rule. But is it time to update the security rule itself?
A proposed privacy framework from the eHealth Initiative & Foundation and the Center for Democracy and Technology aims to set standards for the collection, disclosure and use of health data that falls outside the protection of HIPAA, says attorney Andrew Crawford of CDT.
As the list of healthcare sector entities affected by the recent hacking of Accellion's File Transfer Appliance platform continues to grow, the technology vendor faces a lawsuit filed by one of its affected clients, health insurer Centene Corp.
Hacking incidents - including ransomware attacks, phishing scams and episodes involving vendors - are still the dominant culprits in major health data breaches being reported to federal regulators so far this year. Why?
A coalition of 41 state attorneys general has reached a settlement with American Medical Collection Agency in the wake of a 2018 data breach that compromised the data of 21 million individuals and pushed the company to file for bankruptcy.
Many of the major health data breaches added to the federal tally so far this year involve business associates, continuing a trend in recent years. The largest of those is an incident reported by a children's health and dental insurance plan provider involving a website hosting vendor.
Nebraska Medicine/UNMC has just begun notifying 219,000 individuals of a hacking incident that was discovered last September. The lag between breach discovery and notification illustrates the difficulties organizations often face in incident response, some security experts say.
From both a regulatory and a security perspective, it’s not enough to simply perform a risk analysis. The HIPAA Security Rule requires and today’s rapidly evolving threat landscape demands that healthcare organizations respond to the risks identified appropriately and effectively.
Read this guide for expert...