Longtime privacy advocate Deven McGraw has left her positions leading health information privacy efforts at the Department of Health and Human Services. What's next for privacy leadership at HHS?
The new FHIR standard is designed to help ease the exchange of health data among healthcare organizations across the nation. But there's one problem: The standard lacks a strong security component. That's why federal regulators have launched a competition to devise ways to enhance security for FHIR.
A bipartisan group of five senators has asked a watchdog agency to produce "clear recommendations" for how to make sure the right patients are matched to the right records to help improve the quality of care and crack down on medical and identity fraud. But will that require a national patient identifier?
Hospitals and physicians need to ramp up their security scrutiny of electronic health records systems as a result of recent changes in the Department of Health and Human Services' certification of EHRs, says privacy attorney David Holtzman.
Recent changes by the HHS to the certification program for electronic health record software could potentially weaken efforts to ensure EHRs meet federal requirements, including those that impact security, says attorney Maya Uppaluru, who formerly was on the HHS staff.
Through an ongoing series of Healthcare Security Readiness workshops, key gaps in how healthcare organizations defend against cybercrime hacking have emerged. Has your organization assessed and mitigated gaps in security...or are even aware of what they are?
In the following ISMG interview transcript, David...
An ongoing series of Healthcare Security Readiness workshops reveals some key gaps in how healthcare organizations defend against cybercrime hacking. How should entities assess and mitigate these gaps? David Houlding of Intel shares insights.
There are many faces of fraud in the insurance market - using stolen identities to obtain a new policy - or just as troubling, an account takeover to make a false claim or change payee information to receive claim funds. And when fraud hits, it hurts everyone in the pool.
At the same time, the insurance industry...
In the wake of Hurricane Harvey, Texas hospitals have not yet reported issues involving access to electronic health records and other critical systems, says Lance Lunsford of the Texas Hospital Association.
A U.K. tabloid newspaper is reporting that a contractor that provides services to the National Health System has been attacked by a hacker who claims to have stolen 1.2 million patient records. But the contractor claims it was the victim of a much smaller breach and no patient records were accessed.
An Atlanta-based neurological practice is the latest healthcare organization to recover from a ransomware attack, only to discover it was the victim of a significant earlier hacking incident. What are the lessons to learn?
Inappropriate access to electronic patient records by a clerk for 14 years at a state-run psychiatric facility in Massachusetts shows just how difficult it can be to detect and prevent long-term breaches involving insiders.
The effort to improve the matching of patients to all the right records from multiple sources may get a new boost from Congress. Learn about the latest effort to help ensure clinicians have secure access to all the right records for the right patient - and the implications for CISOs.
While the U.K. is beefing up funding for hospital cybersecurity, in the U.S., some Congressional leaders are pushing for moves that could have the unintended consequence of sapping security investments by some healthcare providers.
Two GOP senators are asking federal regulators to recoup potentially millions of dollars worth of allegedly inappropriate EHR incentive payments made under the HITECH Act. If the money is clawed back, what's the potential impact on data security spending?
