An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
A new guide from WEDI offers some basic tips for organizations assessing incidents under the HIPAA Omnibus breach notification rule. But it's important to address additional factors for effective beach assessment and response, two experts say.
Covered entities and business associates will be under heightened data privacy and security scrutiny in 2014. But experts say there are several basic steps those organizations can take to ensure HIPAA compliance.
Another federal investigation of a relatively small health data breach has resulted in a financial penalty, this time for a physician group practice in Massachusetts. Find out the details behind the settlement.
Cottage Health System in California says patient information was apparently exposed on Google for 14 months because of a lapse in a business associate's protections for one of its servers. Experts discuss the implications for the BA.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
The settlement of a class action lawsuit against AvMed, a health plan company, stemming from a 2009 data breach, is significant because it awards payments to those who were not victims of identity theft.
A congressional committee grilled representatives from four technology vendors providing services for the Obamacare website, questioning, for example, whether the site is putting consumer privacy at risk.
It's been four years since federal officials began tracking major healthcare data breaches. What important lessons can be learned from the causes of these breaches as well as HIPAA enforcement actions by federal regulators?