The acquisition of the SAFE Identity consortium and its trust framework by DirectTrust, best known for creating and maintaining trust frameworks for secure email messaging in healthcare, will help facilitate new secure health information exchange use cases, says DirectTrust CEO Scott Stuewe.
Your data is leaking and it's at risk.
Data is a crucial and pervasive asset of any healthcare organization, but to safeguard your most
valuable information—as well as that of your patients—there needs to be a shift in the data security
strategy to protect what really matters: the data itself.
Your data is...
As patients more commonly use smartphones and APIs to access their health information, critical security and privacy considerations need to be top of mind, says Micky Tripathi, the new national coordinator for health IT at HHS.
Micky Tripathi - a longtime health IT expert with deep roots in secure health information exchange and interoperability issues - will be the new head of the Department of Health and Human Services' Office of the National Coordinator for Health IT.
A Baltimore medical center that suffered a ransomware attack a month ago and pulled its electronic health record system offline as a precaution is finally beginning to restore access to the system, the organization's CEO says. It's the latest example of how cyberattacks can derail EHRs.
In the year ahead, healthcare organizations must be prepared to face an assortment of advancing security threats, including those that damage the integrity of critical patient data, says Rod Piechowski of the Healthcare Information and Management Systems Society.
Cybersecurity professionals operate in a dynamic environment driven by two accelerating forces; threat developments and the rapid adoption of new technologies. And yet most companies still rely on discrete snapshots of their security performance.
Healthcare organizations must cope with both forces - they have...
Many healthcare organizations are failing to address shortcomings in security risk management for their supply chains, says former healthcare CIO David Finn, describing findings of a recent study assessing the state of cybersecurity in the sector.
A 2014 data breach at Community Health Systems that exposed the protected health information of 6.1 million individuals has led to another round of government penalties. This time, the Franklin, Tennessee-based company has agreed to pay $5 million for a settlement with 28 state attorneys general.
In an exclusive interview, Roger Severino, director of the HHS Office for Civil Rights, which enforces HIPAA, spells out critical steps healthcare organizations must take to safeguard patient information and ensure patient safety in light of the surge in ransomware and other hacking incidents.
As the compliance dates approach for the Department of Health and Human Services' information blocking and health IT interoperability final rules, organizations need to avoid potential pitfalls, says privacy attorney Adam Greene.
The eHealth Initiative and the Center for Democracy and Technology are seeking feedback on their draft privacy framework that addresses gaps in legal protections for consumer health data falling outside of HIPAA's regulatory umbrella, says eHI CEO Jennifer Covich Bordenick.
The Department of Health and Human Services' Office for Civil Rights plans to issue a notice of proposed rulemaking to modify the HIPAA rules before the end of the year, says Timothy Noonan, the agency's deputy director for health information privacy.
Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.