Addressing an important privacy issue, federal regulators have issued guidance to clarify details about how patients should authorize the use or disclosure of their protected health information for future research - and their right to revoke that authorization.
A breach involving misdirected emails to nearly 56,000 patients allegedly tied to a sorting error by a business associate has taken an unusual twist: The organization involved, Dignity Health, is asking for patients' help in mitigating the privacy mishap. But could that move prove to be counterproductive?
The annual Infosecurity Europe conference returns to London this week, with a focus on the latest cybersecurity trends and essential practices for organizations. Hot topics range from artificial intelligence and breach response to GDPR and battling cybercriminals and nation-states.
European Parliamentarians finally had their opportunity on Tuesday to ask Facebook CEO Mark Zuckerberg questions about its data handling and privacy practices. But the session, which lasted roughly 90 minutes, turned into a somewhat frustrating flop.
Will federal regulators finally tackle long overdue rulemaking related to a HITECH Act provision calling for the Department of Health and Human Services to share money collected from HIPAA settlements and penalties with breach victims?
Strict HIPAA compliance is a great preparation for compliance with the European Union's General Data Protection Regulation, which will be enforced starting May 25, according to attorneys Robert Stankey and Adam Greene, who provide compliance insights in an in-depth interview.
The number of health data breach victims added to the official federal tally so far in 2018 has doubled in recent weeks to more than 2 million. The largest breach of the year so far involved a break-in at a California government office.
The Trump administration has eliminated the top cybersecurity coordinator role in the White House. The decision has earned a sharp rebuke from lawmakers and former government officials, who say cybersecurity demands a greater - not lesser - prominence in the federal government.
Federal regulators plan to craft a new proposal for revamping a HIPAA Privacy Rule provision for "accounting of disclosures" of electronic patient records. Updating that rule was mandated under the HITECH Act, but the modification has been in limbo since 2011.
Chili's Grill & Bar is warning customers that an unknown number of payment cards were compromised at an unknown number of corporate-owned locations earlier this year for a period of time it suspects lasted two months. Should Chili's have waited to alert customers until it had more information?
A recent hacking incident involving a firm that staffs U.S. hospitals' emergency departments with physicians serves as a reminder of tricky questions that can pop up when a vendor has a breach impacting patient data.
Some military health facilities haven't consistently implemented security controls, putting patient data at risk, according to a new watchdog agency report. But security experts say the weaknesses are quite common at civilian health facilities as well.
A former Massachusetts gynecologist has been convicted in a rare case involving a criminal HIPAA violation. The case was tied to providing a pharmaceutical salesperson access to patients' medical records.