The No. 1 reason Congress, after five years of intensive efforts, has yet to enact comprehensive cybersecurity legislation is differences over how much liability protection to grant businesses to get them to share cyberthreat information.
A free webinar will provide an overview and analysis of the results of the Healthcare Information Security Today survey, which finds that most organizations lack a documented infosec strategy.
A class action lawsuit against Stanford Hospital and Clinics and two business associates related to a 2011 breach affecting 20,000 patients has been settled, with the BAs picking up most of the tab.
What started as an investigation of a minor breach at a county health department in Washington state has ended in a HIPAA monetary settlement with federal regulators.
An address by FBI Director James Comey at the RSA security conference seems to equate civil liberties and privacy. But when he offers an example of balancing Americans' rights with cybersecurity, he mainly refers to the civil liberties, not privacy.
A government agency in Puerto Rico has levied a multi-million dollar HIPAA penalty against a health insurer for a 2013 breach involving a mailing error that affected only about 13,000 beneficiaries.
A new guide from WEDI offers some basic tips for organizations assessing incidents under the HIPAA Omnibus breach notification rule. But it's important to address additional factors for effective beach assessment and response, two experts say.
Covered entities and business associates will be under heightened data privacy and security scrutiny in 2014. But experts say there are several basic steps those organizations can take to ensure HIPAA compliance.
A recent spike in major health data breaches added to the Department of Health and Human Service's "wall of shame" website brings the total tally to 804 incidents. What's behind the upswing?
To avoid the risk of staff using social media to communicate about patients, healthcare organizations need to offer more secure alternatives, says security and privacy expert Andrew Hicks.
Another federal investigation of a relatively small health data breach has resulted in a financial penalty, this time for a physician group practice in Massachusetts. Find out the details behind the settlement.
HIPAA compliance training can play an important role in preventing breaches. But what are the key factors of a successful training program? Security and privacy expert Rebecca Herold offers insights.
Cottage Health System in California says patient information was apparently exposed on Google for 14 months because of a lapse in a business associate's protections for one of its servers. Experts discuss the implications for the BA.
Business associates have been involved with fewer major health data breaches so far this year, compared with 2012. Are they getting better at prevention, or are they just under-reporting breaches?
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.
