In its second HIPAA enforcement action for 2017, HHS has slapped an insurer with a $2.2 million settlement in the wake of a relatively small breach, citing the company's lack of timely corrective action.
In this edition of the ISMG Report: An FTC complaint filed against a camera manufacturer could signal the start of a trend to regulate IoT security. Also, Donald Trump adviser Rudolph Giuliani's cybersecurity credentials are questioned, and a terrorist shooting prompts new privacy guidance.
A physician who used her patients' information to aid her successful 2015 campaign for Virginia state senator in violation of the HIPAA Privacy Rule won't be sanctioned by federal regulators.
In a reminder of HIPAA's tough requirements for breach notification, federal regulators have issued a $475,000 financial settlement and corrective action plan for Chicago-based Presence Health tied to its tardy notification for a 2013 paper records breach affecting only about 800 individuals.
The Health Insurance Portability and Accountability Act (HIPAA) just celebrated its 20th anniversary in 2016 as one of the most significant pieces of healthcare-related legislation in U.S. history. Once viewed as a "paper tiger," it has taken many years for the full impact of HIPAA's data security provisions to be...
The transition to a new presidential administration makes forecasting for HIPAA enforcement activity in 2017 difficult, says privacy attorney David Holtzman of the consultancy Cynergistek, who sizes up what the HHS Office for Civil Rights might do this year.
The National Governors Association, in a new road map for improving nationwide secure health data exchange, proposes that states attempt to better align their privacy laws to the federal HIPAA Privacy Rule to help remove legal barriers.
Synchronoss' Tracy Hulver on New Identity Strategies for Connected Healthcare Threats
Attackers have healthcare entities in their crosshairs, and their favorite targets are easily compromised credentials. Tracy Hulver of Synchronoss Technologies offers new ideas for how security leaders can reduce risk and protect...
The impact of the patient data privacy and security provisions of the 21st Century Cures Act, signed into law Dec. 13, will depend, in part, on who is chosen to study key issues and come up with recommendations, says attorney Steven Teppler.
Ransomware is going to get personal. Password managers will be huge targets. And we will see the rise of a whole new exploit kit. These are among the 2017 security predictions from Malwarebytes Laboratories.
And because these attacks are going to continue to result in big headlines, cybersecurity is going to grow as...
President Obama is expected on Dec. 13 to sign the 21st Century Cures Act, which the Senate passed on Dec. 7. Among its long list of provisions, the bill lays out a number of privacy and security-related projects for HHS, including imposing fines on those that intentionally block health data information sharing.
Synchronoss' Tracy Hulver on New Identity Strategies for Connected Healthcare Threats
Attackers have healthcare entities in their crosshairs, and their favorite targets are easily compromised credentials. Tracy Hulver of Synchronoss Technologies offers new ideas for how security leaders can reduce risk and protect...
Federal regulators have issued a warning to healthcare sector organizations about a phishing email campaign that pretends to be compliance audit communications from the nation's top HIPAA enforcer. But who's really sending out these emails?
Healthcare entities must perform security due diligence when they consider introducing emerging technologies - including "internet of things" devices - into their environments, says attorney Stephen Wu, author of a new book on HIPAA compliance.
In the 13th HIPAA enforcement action this year, federal regulators have slapped the University of Massachusetts Amherst with a $650,000 financial settlement and corrective action plan after investigating a relatively small 2013 breach involving a malware infection at a campus speech and language center.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.