A lawsuit alleging that federal regulations "unlawfully" restrict fees healthcare entities can charge for providing patients with copies of their health records shines a spotlight of confusion and obstacle around patients' "right to access" under HIPAA.
HHS has issued new health data privacy guidance and announced a contest to create an online "model privacy notice generator." Plus, it's issued a reminder about the importance of reviewing and securing audit logs to help prevent and detect breaches.
A physician who used her patients' information to aid her successful 2015 campaign for Virginia state senator in violation of the HIPAA Privacy Rule won't be sanctioned by federal regulators.
The transition to a new presidential administration makes forecasting for HIPAA enforcement activity in 2017 difficult, says privacy attorney David Holtzman of the consultancy Cynergistek, who sizes up what the HHS Office for Civil Rights might do this year.
Has the healthcare sector finally reached a data security tipping point? Dave Summitt, CISO of H. Lee Moffitt Cancer Center, and many of his peers think so. And it's about time.
The security of Internet-connected toys is in the limelight after toymaker VTech acknowledged suffering a data breach that affects 5 million accounts and personal information and photographs relating to more than 200,000 children.
Ireland's Cyber Crime Conference in Dublin drew a capacity crowd for a full day of security briefings, networking, hotly contested capture-the-flag and secure-coding challenges, as well as a chance to sharpen one's lock-picking skills.
TalkTalk's confusion in the wake of its recent data breach, as well as mangling of technical details and failure to encrypt customer data, demonstrate the importance of having an incident-response plan ready in advance of any breach, experts say.
Thou shalt not reverse engineer Oracle's products. That was the stunning diktat issued by Oracle CSO Mary Ann Davidson in a blog post that some are reading as a declaration of war against the security research community.
Akamai's John Ellis talks about the quick evolution of bots and botnets, and how enterprise security leaders should deal with them now using a three-pronged approach - detection, management and mitigation.
RSA Conference Asia Pacific and Japan starts July 22, and ISMG will be reporting to you from the conference floor. Here is our selection of some of the hottest sessions from the event agenda.
Does your organization really have a clear idea of what measures your business associates are taking to safeguard your most sensitive data? Yet another breach, this one affecting Arkansas Blue Cross Blue Shield, points to the risks.
Healthcare CIOs are lobbying for the creation of a unique national patient identifier to facilitate secure national health information exchange. Leslie Krigstein of the College of Healthcare Information Management Executives explains the initiative.
The lead cybersecurity official for Britain's GCHQ intelligence agency dismisses charges that the U.K. conducts mass surveillance. But critics question the government's introduction of the Investigatory Powers Bill.
Some healthcare associations are seeking more clarity from federal regulators about security and privacy requirements proposed for Stage 3 of the HITECH Act "meaningful use" incentive program for electronic health records. Find out their concerns.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.