Attorney Ellen Giblin describes who should be involved in determining whether a breach should be reported in compliance with the new breach notification requirements of the HIPAA Omnibus Rule. She also offers other compliance insights.
A class action suit has been filed against Advocate Medical Group following the theft of four unencrypted computers that may have exposed data on 4 million patients. Learn more about the allegations the lawsuit makes.
DDoS is a complex problem that represents a serious risk to the enterprise, and effective mitigation demands extensive preparation before the attack arrives. Organizations need a strategy that keeps local connections up at the beginning of an attack, and then cleans the upstream traffic prior to it reaching the...
The theft of four unencrypted computers from a Chicago area medical practice may affect 4 million patients. But the big question is: Why do breaches involving unencrypted computer devices still occur?
The best way to handle a serious data breach is to prevent it. While no security system is 100% effective, it's been noted that a substantial number of major breaches were very preventable. But organizations didn't take what can be simple and inexpensive steps to close the holes that are often exploited by those who...
The recent theft of four unencrypted computers from the Chicago-area Advocate Medical Group physicians practice may have exposed the personal data of more than 4 million patients.
To build credibility for its HIPAA enforcement efforts, the Department of Health and Human Services needs to ramp up its breach prevention efforts for the health insurance exchanges slated to begin operations Oct. 1.
Under HIPAA Omnibus, business associates and subcontractors are liable for compliance, including penalties for data breaches. But what happens if those vendors are located outside the U.S.?
Although OCR has changed its standard for determining breaches under HIPAA Omnibus to a more objective assessment, it's still unclear whether the previous harm standard is truly a thing of the past.
Improper disposal of protected health information poses significant risks, as recent breach incidents demonstrate. That's why organizations need to do a better job vetting disposal companies and verifying that data or devices are actually destroyed.
How is one of the nation's top 20 bank holding companies fighting fraud? Find out directly from Matthew Speare, Senior Vice President of Information Technology for M&T Bank Corporation, as he spends an hour taking your questions about a variety of banking fraud topics, including:
Account takeover trends and the...
Two recent incidents at Oregon Health & Science University involved inappropriate storage of unencrypted patient information in the cloud. Experts weigh in on the fogginess of HIPAA Omnibus regarding cloud providers.
After organizations update their policies and procedures to comply with the new breach notification requirements of HIPAA Omnibus, they must thoroughly test their response plans, attorney Ellen Giblin stresses.
Forty-seven percent of surveyed organizations have suffered a cyber attack in the past year. So, how equipped are global organizations to detect and defend against cyber attacks before they take root in endpoints and servers?
Register for the 2013 Cyber Security Study results webinar to learn more about:
The...
How Organizations Respond to Today's New Breed of Cyber-Attacks
From sophisticated new forms of malware to nation-state sponsored attacks and the advanced persistent threat, cybersecurity incidents have evolved at a rapid pace and are taking down entire networks, successfully stealing sensitive data and costing...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing omnibus.healthcareinfosecurity.com, you agree to our use of cookies.