HHS has issued a draft of a five-year strategic health IT plan that is largely focused on providing patients with secure access to their health information as well as supporting secure, interoperable health information exchange among providers.
The Internet of Medical Things (IoMT) has disrupted the future strategy of healthcare organizations and market segments. Security breaches have become a major concern for providers, and with the increase in high-profile hacks and hospitals' growing dependence on IoMT devices, cybersecurity is of absolutely critical...
The Australian government's digital health records program manages risk and privacy relatively well, according to a new audit, but there's room for improvement in third-party risk management and emergency access to sensitive health records.
As 2020 approaches, healthcare experts forecast necessary information security priorities for the coming year. They will also look back at the mistakes made over the past decade.
Healthcare organizations continue to grow and change at an unprecedented velocity. With 2019 outpacing previous years for acquisitions,...
Enforcing patients' rights under HIPAA to access their health information - including via health apps - is a top policy initiative at the HHS Office for Civil Rights, Director Roger Severino said in a Wednesday presentation. He also said a $2.1 million HIPAA penalty would be announced soon.
Seven healthcare and health IT industry groups are asking Congress to apply the brakes in issuing a final rule on interoperability, information blocking and health information exchange as required under the 21st Century Cures Act, citing concerns about privacy and other issues.
Some healthcare IT industry groups and large provider organizations are pushing the Senate to follow the House's lead and approve a measure to lift the 20-year ban on federal funding of the development or adoption of a unique national patient identifier. Why is this still such a hot privacy issue?
Google and the University of Chicago Medical Center have filed motions to dismiss a class action lawsuit that alleges patients' records were not properly de-identified by the hospital before they were shared with Google for research. Legal experts offer an analysis of the privacy case.
The Department of Health and Human Services has issued proposed changes to privacy rules related to the sharing of patient records created by federally assisted substance use disorder treatment programs. Do the proposals go too far, or not far enough?
DirectTrust's new effort to develop a standard for instant messaging in healthcare could potentially help providers securely communicate in real time over multiple platforms, says Scott Stuewe, the nonprofit alliance's president and CEO.
A watchdog agency review of a VA medical center in California spotlights security issues involving medical device "workarounds" that some experts say are common but often overlooked or underestimated risks.
A lawsuit against the University of Chicago Medical Center and Google seeking class action status points to the important privacy and security issues raised when sharing patient data for research purposes - and whether data can be truly "de-identified."
A Kansas hospital has agreed to pay $250,000 to settle allegations that it falsely attested to conducting a security risk analysis as required under the HITECH Act electronic health records financial incentives program. Two whistleblowers in the case will receive $50,000 from the settlement.
Federal regulators have smacked a cloud-based electronics health records vendor with a $100,000 HIPAA settlement in the wake of a 2015 cyberattack that affected millions of individuals. What's the focus of the enforcement action?