Google and the University of Chicago Medical Center have filed motions to dismiss a class action lawsuit that alleges patients' records were not properly de-identified by the hospital before they were shared with Google for research. Legal experts offer an analysis of the privacy case.
The Department of Health and Human Services has issued proposed changes to privacy rules related to the sharing of patient records created by federally assisted substance use disorder treatment programs. Do the proposals go too far, or not far enough?
DirectTrust's new effort to develop a standard for instant messaging in healthcare could potentially help providers securely communicate in real time over multiple platforms, says Scott Stuewe, the nonprofit alliance's president and CEO.
A watchdog agency review of a VA medical center in California spotlights security issues involving medical device "workarounds" that some experts say are common but often overlooked or underestimated risks.
A lawsuit against the University of Chicago Medical Center and Google seeking class action status points to the important privacy and security issues raised when sharing patient data for research purposes - and whether data can be truly "de-identified."
A Kansas hospital has agreed to pay $250,000 to settle allegations that it falsely attested to conducting a security risk analysis as required under the HITECH Act electronic health records financial incentives program. Two whistleblowers in the case will receive $50,000 from the settlement.
Federal regulators have smacked a cloud-based electronics health records vendor with a $100,000 HIPAA settlement in the wake of a 2015 cyberattack that affected millions of individuals. What's the focus of the enforcement action?
Federal regulators and medical device maker Philips have issued alerts about a security vulnerability in the company's Tasy electronic medical records system that could put patient data at risk. How common is this type of vulnerability?
Healthcare stakeholders and security and privacy experts are sizing up the second draft of the government's Trusted Exchange Framework and Common Agreement, the latest in a decades-long series of attempts to pave the way for secure national exchange of health information to improve patient outcomes.
Among the hundreds of responses to a federal request for comments about potential changes to the HIPAA rules were suggestions for "safe harbors" that would shelter organizations with strong security strategies from HIPAA enforcement actions after a health data breach.
Guided by a "human-centered" principle, there is nothing more critical to Tri-Counties Regional Center (TCRC), than protecting and promoting the lives of those with developmental disabilities. That is why TCRC proactively secures Personal Health Information (PHI) to protect the people behind that information. Critical...
The HHS Office for Civil Rights is paying particular attention to complaints involving patients' access to their health information; it's also focusing on investigations of organizations with patterns of HIPAA noncompliance, Nick Heesters of the agency explains in an interview at the HIMSS19 conference.
For the second time, the Department of Justice has imposed a substantial fine on an electronic health records software vendor in a case that involves data accuracy and integrity issues that could affect patient safety.