By Art Gross – As a healthcare leader, you know that protecting patient data and ensuring cybersecurity compliance is a never-ending battle. Cyber threats are constantly evolving, and regulations are frequently updated to address new risks.
Read More
By Matt Fisher – When the likely inevitable data breach occurs, who is responsible for sending the notice? Does the answer change when a breach is bigger? Does the answer change because a business associate is involved? Understanding ahead of time is informative, especially since the issue has been thrown into the spotlight by the big breach at Change Healthcare.
By Art Gross – The OCR is preparing to launch a new round of audits in 2024 to assess compliance with the HIPAA Security Rule across the healthcare sector. After long delays, HIPAA-regulated entities can expect increased scrutiny on their security practices and risk management programs.
By Susan Clark – Just as there are what I like to call Clonnections between people, there are also likely Clonnections between previous jobs or responsibilities that you had no idea would apply to what you’re doing now. At least, that is what’s happening to me at DirectTrust.
In case you missed it, this is recent communication from the Centers for Medicare & Medicaid Services. Subscribe to their email lists to keep up to date on all press and news releases.
By Matthew Fisher – mHealth applications focused on women’s health are drawing a fair amount of attention when it comes to privacy practices. These FemTech applications are designed to help individuals personally track different aspects of their health. How does FemTech approach privacy?
By Matthew Fisher – On the heels of recent settlements concerning the use of personal and health information, the Federal Trade Commission is continuing its push on the healthcare front. The latest action is the finalization of changes to the Health Breach Notification Rule.
By Matthew Fisher – The FTC recently reasserted itself into the privacy discussion when it comes to healthcare information. Given the defined scope of HIPAA that does not cover a number of growing areas where healthcare data can be found, it is important to remember that agencies beyond the HHS OCR can act to require protection.
By Matthew Fisher – The OCR announced yet another settlement action involving the HIPAA Right of Access. It is a reminder that right of access remains a focal point for OCR even though cyberattacks formed the basis for settlements announced earlier in 2024.