Cottage Health System in California says patient information was apparently exposed on Google for 14 months because of a lapse in a business associate's protections for one of its servers. Experts discuss the implications for the BA.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
The settlement of a class action lawsuit against AvMed, a health plan company, stemming from a 2009 data breach, is significant because it awards payments to those who were not victims of identity theft.
A congressional committee grilled representatives from four technology vendors providing services for the Obamacare website, questioning, for example, whether the site is putting consumer privacy at risk.
It's been four years since federal officials began tracking major healthcare data breaches. What important lessons can be learned from the causes of these breaches as well as HIPAA enforcement actions by federal regulators?
Federal regulators plan to launch a permanent HIPAA compliance audit program in 2014 that targets a larger number of organizations but covers a narrower scope of issues. Learn the details the nation's top HIPAA enforcer revealed.
A class action suit has been filed against Advocate Medical Group following the theft of four unencrypted computers that may have exposed data on 4 million patients. Learn more about the allegations the lawsuit makes.
Insurer WellPoint has agreed to pay the Department of Health and Human Services $1.7 million to settle a HIPAA case stemming from a website data breach that may have exposed information on more than 612,000 individuals.
After a federal court dismissed a class action lawsuit filed against Adventist Health System in the aftermath of a breach affecting 763,000 patients, another lawsuit was immediately filed in a state court. Find out the details.