A radiology technician allegedly inappropriately accessed thousands of patient records for more than eight years, according to a newly filed breach report from Kaiser Permanente Health Plan of the Mid-Atlantic States. The incident is yet another example of the challenges of dealing with insider threats.
The American Medical Association has issued a set of privacy principles for health data that it hopes Congress and regulators will keep in mind as they prepare legislation and regulations. In an interview, AMA Board Chair Jesse Ehrenfeld, M.D., describes the recommendations.
What are some of the critical considerations for aligning strong security controls with the workflow needs of clinicians? Omar Khawaja, CISO of Highmark Health, which includes health plans and a healthcare delivery system, discusses key issues.
As healthcare organizations across the U.S. respond to the COVID-19 crisis, the list of security and privacy challenges CISOs face continues to grow. Mitch Parker, CISO of Indiana University Health, provides an update on the changing risk management landscape.
More than two dozen healthcare organizations and technology firms have formed a coalition to help address the COVID-19 crisis by using secure information sharing and data analysis. But observers warn the group must devote enough attention to privacy and security issues.
The Department of Health and Human Services Monday released its long-awaited interoperability and information blocking final rules. The aim of the rules is to provide patients with easy, secure access to their electronic health information - from electronic health record systems as well as from payers.
Three U.S. senators are demanding more answers from Catholic healthcare system Ascension and Google over "Project Nightingale," which is part of a controversial data-sharing and cloud migration initiative that has raised concerns about sharing patient information without explicit permission.
Despite ongoing uncertainty about the worldwide spread of the coronavirus, the Healthcare Information and Management Systems Society Conference 2020 is still slated to kick off on March 9 in Orlando - and President Trump has been added as a speaker, the organization announced on Monday.
A home healthcare company has filed 17 breach reports after a ransomware attack on its cloud-based electronic health records vendor last December, illustrating once again how a vendor breach can have a wide impact.
Hundreds of pediatric healthcare providers in Massachusetts were still unable to access their electronic health record systems Thursday after a malware attack earlier this week on a large physician network affiliated with Boston Children's Hospital. What can others learn from the incident?
As healthcare providers around the world prepare to deal with potential cases of the novel coronavirus, U.S. regulators are reminding organizations about their HIPAA compliance duties involving patient privacy, including permitted data disclosures for public health activities.
As health data privacy concerns heat up to a boiling point on multiple fronts, it's more essential than ever that patients get a clear opportunity to make a choice about whether their data is shared, says privacy advocate Twila Brase, who heads the Citizens' Council for Health Freedom.
As the wait continues for federal regulators to issue final rules for health IT interoperability and information blocking prevention, some industry stakeholders are raising serious concerns about the privacy of patient data accessed and shared using application programming interfaces and mobile consumer apps.
A federal court has invalidated certain HITECH Act provisions and Department of Health and Human Services' guidance related to patient requests for copies of their health records, creating new requirements for compliance officers and others to follow.