How do data privacy and security matters affect organizations that are contemplating a merger or acquisition? Attorney Iliana Peters offers insights into cybersecurity, data breach and compliance issues that can potentially doom a deal.
Implementing standards for recording demographic data, and also sharing best practices, could help address the challenges involved in matching the right patient with all the right records, a new government study concludes.
An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.
Major health data breaches added to the official federal tally in 2018 impacted more than twice as many individuals as the incidents added to the list 2017. But the 2018 victim total was far less than in 2016 and 2015, when the healthcare sector was hit with a string of huge cyberattacks.
What impact would potential changes to HIPAA have on the healthcare sector? And what's the likelihood that HIPAA, indeed, will be modified - especially provisions that touch on privacy and security? Privacy attorney Kirk Nahra sizes up what's ahead.
Healthcare entities need to take a number of important steps to defend against cyberattacks involving remote access, say Chad Waters and Juuso Leinonen, security engineers at the ECRI Institute, which recently singled out hackers remotely accessing medical devices and systems as the No. 1 technology hazard.
In the latest in a series of HIPAA enforcement actions taken by states this year, Massachusetts Attorney General Maura Healey's office has signed a $75,000 consent judgment with McLean Hospital, a psychiatric facility, in connection with a breach that affected 1,500 individuals.
For the second time this year, health insurer EmblemHealth has been hit with a state financial penalty in connection with a 2016 breach that exposed Social Security numbers on mailings to more than 81,000 plan members.
Will the Department of Health and Human Services' request for feedback on potential changes to HIPAA eventually result in modifications to the regulation, including certain provisions that touch on privacy and security issues? There's a long road to travel before any changes actually might get made.
In its third enforcement action in recent weeks, federal regulators have hit a Colorado medical center with a HIPAA fine in a case involving failure to terminate a former employee's remote access to patient data. Other organizations can use the case as a "teachable moment," one attorney advises.
Two health IT professional associations are urging Congress to "modernize" HIPAA to extend patients' rights to securely access, view, download and transmit their health information - including health data not currently covered under HIPAA. Regulatory experts size up whether the proposed changes are feasible.
In a groundbreaking effort, the attorneys general of a dozen states have jointly filed a federal lawsuit against a cloud-based electronic health records vendor that reported a 2015 data breach affecting 3.9 million individuals.