One year after HIPAA Omnibus Rule enforcement began, why do so many healthcare entities and business associates continue to struggle with even the most basic requirements? Security expert Andrew Hicks offers insights.
Once the now-delayed HIPAA compliance audits resume, federal regulators will be conducting more on-site audits and fewer remote desk audits of covered entities and business associates than originally planned.
The federal tally of major health data breaches has grown substantially in recent weeks. Incidents added over the last month provide examples of the variety of risks that healthcare entities continue to battle.
The Massachusetts attorney general has reached a $150,000 HIPAA settlement with a Rhode Island hospital in the wake of a 2012 data breach that affected 14,000 patients, most of whom were from Massachusetts.
Johns Hopkins Health System has agreed to a $190 million settlement in a privacy violation case that involved a physician using a pen-like camera to secretly photograph female patients. Learn what the organization is doing to prevent other privacy incidents.
Prosecutors in Texas have taken the rare move of pursuing criminal charges against an individual for alleged HIPAA violations. The case is a reminder that health workers can face prison time and hefty monetary fines for wrongful disclosures of PHI.
Recent dismissals of two class action lawsuits related to an Advocate Health Care data breach spotlight how difficult it can be for plaintiffs to prevail in cases where there is no evidence of damages. But some changes might be on the way.
A Florida law that takes effect July 1 toughens the state's data breach notification statute by, in part, broadening the term "personal information" to include individuals' usernames and e-mail addresses under certain circumstances.
A new $800,000 HIPAA settlement between federal regulators and an Indiana community health system is another reminder that protecting paper patient records is just as important as safeguarding electronic records. Find out the settlement details.
It's well known that lost or stolen unencrypted computing devices account for the majority of large health data breaches. But a new report from the Department of Health and Human Services shines a light on how frequently breaches - especially smaller ones - involve paper records.
The federal tally of major health data breaches has hit a new milestone; it now lists more than 1,000 incidents affecting 500 or more individuals. Experts weigh in on the lessons to be learned from the details of these breaches.