After months of delay, a hearing has been scheduled to discuss a controversial accounting of disclosures proposal that calls for giving patients the right to a full report outlining who has accessed their records.
Two recent incidents at Oregon Health & Science University involved inappropriate storage of unencrypted patient information in the cloud. Experts weigh in on the fogginess of HIPAA Omnibus regarding cloud providers.
The Sept. 23 enforcement deadline for the HIPAA Omnibus Rule is less than two months away. Privacy and security experts offer tips for what needs to get done now in order to meet compliance milestones.
Under HIPAA Omnibus, many cloud computing providers are considered business associates directly liable for HIPAA compliance. What safeguards to protect health data should covered entities expect cloud providers to implement?
Under the new HIPAA Omnibus Rule, business associates and their subcontractors are now directly liable for HIPAA compliance. But what kinds of companies meet the definition of a business associate? Privacy attorney Stephen Wu explains.
Healthcare organizations aren't performing enough analysis of user behavior to detect possible insider threats, says security consultant Mac McMillan, who outlines the importance of auditing for abnormalities.
Insurer WellPoint has agreed to pay the Department of Health and Human Services $1.7 million to settle a HIPAA case stemming from a website data breach that may have exposed information on more than 612,000 individuals.