By David Harlow – In thinking about patient privacy, many folks assume that HIPAA is the first and last word on the subject. Nothing could be farther from the truth. Protected health information under HIPAA (PHI) is also protected by a variety of other federal and state regulatory schemes.
Read More
By Clyde Hewitt – If one lesson is clear from the constant stream of recent settlements announced by the Office for Civil Rights, it is that covered entities are not implementing risk management plans to reduce risks to protected health information (PHI) to an acceptable and appropriate level.
By David Holtzman – New Mexico became the forty-eighth state to enact a data breach notification law. Only Alabama and South Dakota remain without such requirements.
By John Nye – The US Department of Health and Human Services, OCR, published an advisory in the March issue of its “Cybersecurity Newsletter” warning of a well-known attack method known as the man-in-the-middle (MitM) attack.
By Matt Fisher – Access cannot be freely granted to data. Such is the reality of the world today. If a vendor is allowed to freely access, use or otherwise interact with data, unnecessary risk has been created.
At HIMSS 17 in Orlando I had a chance to sit down with two top executives from ClearDATA, Founder Chris Bowen and CTO Matt Ferrari. Here are audios and insights from both.
By Matt Fisher – Every day brings a new report of a security breach or other security based problem within healthcare. The unceasing cycle of issues gives rise to the question of what can and is healthcare doing about security and in particular cybersecurity.
By Gene Fry – For HIPAA covered entities and their business associates, keeping health data protected should be a top priority. Failing to do so can have disastrous consequences, not only by way of the civil and criminal penalties dealt out for breaching HIPAA’s rules.
By Arman Sadeghi – With so much of the data controlled by doctors and hospitals on electronic devices, including mobile devices, desktop computers, servers, and in the cloud, the security of that data is quickly becoming the most important aspect of HIPAA (not HIPPA) compliance.