The American Medical Association has issued a set of privacy principles for health data that it hopes Congress and regulators will keep in mind as they prepare legislation and regulations. In an interview, AMA Board Chair Jesse Ehrenfeld, M.D., describes the recommendations.
Don't forget to lock down online shared code repositories, as Mercedes-Benz parent company Daimler AG learned the hard way after a researcher was able to access nearly 9 GB of software development documentation from a misconfigured GitLab repository.
Security experts and law enforcement officials have long argued that paying ransoms doesn't pay. For starters, it directly funds the cybercrime ecosystem and makes it attractive for criminals to keep launching ransomware attacks.
Phishing scams continue to be a leading cause of health data breaches so far this year. But the theft of unencrypted laptops led to the biggest breach reported in 2020, and an insider breach involving a physician exposed data on thousands of patients.
Federal regulators are alerting healthcare organizations about an array of coronavirus-themed cyberthreats. Plus, they're advising them to avoid potential HIPAA privacy violations involving unauthorized disclosures of patient information to news outlets during the COVID-19 crisis.
Despite the need to battle COVID-19, several nations' in-development digital contact-tracing apps are already dogged by security and privacy concerns. Whether enough users will ever trust these apps to make them effective remains a major question. Is it too late to get more projects back on track?
Three recently disclosed health data security incidents - including the discovery of a large email hack that happened nearly a year ago - serve as reminders of the ongoing incident response challenges facing healthcare organizations. And these difficulties are likely to worsen during the COVID-19 crisis.
The use of telehealth is ramping up as a result of the COVID-19 pandemic. Now, the latest arrest in connection with a $410 million healthcare fraud case that includes a multi-million dollar telemedicine-related fraud scheme serves as a cautionary tale of how fraudsters can abuse telehealth.
Can you "big tech" a way out of a pandemic? Many governments around the world are trying, and Australia is joining the herd with a contact tracing app. But Australia has a splotchy record of large government tech projects, including in health, that may result in low voluntary adoption of an app.
As some cities and states recruit retired healthcare professionals, new medical school graduates and clinicians from other regions to assist in their COVID-19 responses, it's critical to ensure these workers understand the importance of protecting patient information, says privacy attorney Iliana Peters.
Healthcare professionals are on the front line in the war against COVID-19, and cybersecurity leaders bear unique pressure to support and secure their efforts. But amid this crisis, Anahi Santiago, CISO of ChristianaCare, also sees tremendous strides in telehealth delivery.
In the latest move to relax certain HIPAA requirements during the COVID-19 crisis, federal regulators Thursday paved the way for business associates to share protected health information for public health-related activities during the pandemic.
Recent HIPAA-related moves by federal regulators aim to improve information sharing and care coordination as the U.S. healthcare community battles the COVID-19 outbreak, says privacy attorney Kirk Nahra of the law firm WilmerHale. But some of the provisions could cause confusion, he notes.
An emerging technology, Vvendor Privileged Access Management (VPAM) can provide both operational efficiencies and increased security in your projected ROI analysis. And that is a rare combination in InfoSec these days.
The Trump administration on Tuesday announced immediate limited waivers of certain HIPAA privacy provisions to help improve patient care during the growing COVID-19 pandemic. For example, it's now OK for providers to offer telehealth services through certain applications that allow for video chats.