The HHS Office of Inspector General plans to more closely scrutinize federal regulators' oversight of the security controls that healthcare providers and business associates use to protect electronic patient information. It also will review FDA oversight of medical device cybersecurity.
Now that it has issued a 10-year roadmap for secure, interoperable health information exchange, the Office of the National Coordinator for Health IT has a number of privacy-related projects planned for 2016, says Lucia Savage, ONC's chief privacy officer. She spells those out in this in-depth interview.
In the wake of hacker attacks, which have left healthcare providers uncertain about what security steps to take, the Office of the National Coordinator for Health IT is working to help organizations sort out role-based identity and access management issues, says ONC's privacy officer, Lucia Savage.
As the Department of Defense embarks on a multi-billion dollar project to overhaul its EHR system, supporting millions of military personnel, there are critical privacy and security challenges to be tackled.
As a result of a continuing investigation, the estimated number of organizations affected by a recent cyberattack on Web-based electronic health records vendor Medical Informatics Engineering and its personal health records subsidiary, NoMoreClipBoard, has ballooned.
New draft guidance from the National Institute of Standards and Technology instructs healthcare providers on critical steps for securing patient data on mobile devices. Nate Lesser, who helped prepare the report, offers an analysis.
Medical Information Engineering, which offers Web-hosted EHRs as well as personal health records, reports a hacker attack has exposed an undisclosed number of patients' health information and Social Security numbers.
Our identities are clearly becoming more and more of a critical asset every day, providing us access to and authority within every aspect of our personal, medical, financial and professional lives. Because of this, the value of our identities, especially those that can be created from healthcare information is...
Any device that can communicate with anything else provides a potential open door for the valuable information it accesses and that an organization is responsible for protecting. In our rush to connect everything together, secure information handling is very often an afterthought, if ever even a thought at all.
The...
With PHI and PII increasingly becoming targets for theft - and steady rise of the resulting embarrassment, fraud, prosecutions and penalties - we need to take a fresh look at how best to protect this data from being exposed in the first place. An effective data protection strategy can only be arrived at by considering...
A persons PHI can often be so detailed and complete, hackers and fraudsters can refer to it as a "fullz", meaning it contains enough PII to completely take over someone's identity. This makes this information highly valuable to those communities especially as many other types of fraud can also be committed with it....
In this session, we'll highlight the major findings from Information Security Media Group's new national survey of healthcare information security leaders. For example, an overwhelming majority of respondents were confident their organization would "pass" a Department of Health and Human Services HIPAA compliance...
Lucia Savage, chief privacy officer at the Office of the National Coordinator for Health IT, describes an updated privacy and security guide for physician practices and discusses a variety of other cybersecurity issues in an interview at HIMSS15.
You can't stop taking care of patients when the computers are down. Whether you are entering patients' data into their records or sending billing information to an off-site accounting service, you need that access to continue non-stop. See how you can save time and money with an active-active, highly available file...
The unrestrained growth of digital information world-wide is making it extremely difficult for organizations to capture, manage, store, share and dispose of information in any meaningful way. With the challenges of an evolving regulatory environment and the information overload problem with management practices, many...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.