In a groundbreaking effort, the attorneys general of a dozen states have jointly filed a federal lawsuit against a cloud-based electronic health records vendor that reported a 2015 data breach affecting 3.9 million individuals.
Federal regulators have slapped a company that provides contracted physicians to hospitals and nursing homes with a $500,000 HIPAA settlement in a breach case involving the lack of a business associate agreement with an individual providing billing services.
A security review of two Medicaid managed care organizations in Arizona revealed several significant access control and configuration vulnerabilities, raising concerns about whether other MCOs face similar challenges.
A lawsuit over a Florida dentist's inability to access patient data stored by a cloud-based electronic medical records vendor illustrates why all healthcare providers need to plan for possible disruptions caused by disputes with business associates.
In at least the fourth federal HIPAA case involving improper disclosure of patient information to the media, federal regulators have slapped a three-doctor practice in Connecticut with a financial penalty.
Federal regulators plan to seek public comments on whether the HIPAA rules create barriers to sharing patient information among healthcare providers, hampering the ability to coordinate care. But some regulatory experts argue the problem is not the rules, but misunderstandings about what they allow.
As CIOs across healthcare strive to find ways to optimize their business models, grow their revenue and reach, and reduce costs, they are turning to the public cloud.
Download this eBook to learn more about:
The cost optimization opportunities with the cloud;
Not all public clouds are the same and what you need...
An inside view of what HHS OCR is seeing on the healthcare sector privacy and security landscape, and what the agency has in the works to address those challenges. That includes:
Insights from OCR's latest breach and compliance investigations of covered entities and BAs.
An update on OCR's HIPAA enforcement...
Healthcare is the 2nd biggest contributing industry to overall breaches in 2017 with 334 breaches. Data breaches are crippling to any business, but are extra hard on healthcare organizations, considering the vast amount of sensitive information consumers trust them with and the irreparable damage to reputation that...
Months after the New Jersey attorney general's office smacked a medical practice with a hefty penalty for a 2016 breach, the office has signed a $200,000 settlement with the group's business associate that was responsible for the incident and banned its owner from managing or owning a business in the state.
An Iowa eye clinic and its affiliated surgery center recently recovered from a ransomware attack on their common systems within one day and without paying a ransom. This case offers important reminders to other healthcare entities and their vendors about advance planning.
Organizations that don't properly guard their employees' healthcare data and violate HIPAA privacy standards are liable for large fines and often suffer significant brand damage and other negative consequences.
If hackers break into a healthcare company's systems, or an employee leaves a laptop in a coffee shop or...
This week's edition of the ISMG Security Report features an analysis of whether the U.K.'s fine of Facebook for the Cambridge Analytica scandal is just the beginning of regulatory enforcement action. Plus: A potential settlement of Yahoo breach lawsuit and tips on securing data in the cloud.
Health insurer Anthem had earned HITRUST Common Security Framework certification before its mega-breach. Now that the insurer has agreed to a $16 million HIPAA settlement with federal regulators, who spelled out the company's security shortcomings, it's worth scrutinizing the value of adopting a framework.