Federal prosecutors say Practice Fusion - a unit of Allscripts - will pay $145 million to settle civil and criminal investigations related to its electronic health records system. The case includes a kickback scheme involving opioids as well as false claims regarding HITECH Act certification compliance.
A California healthcare provider took nearly seven months to report to regulators a phishing incident that exposed information on 200,000 patients. Security experts are analyzing whether the delay could be justifiable.
The British government continues to delay deciding whether it will ban Chinese networking gear from its national 5G rollout, as the Trump administration demands. But with future trade deals on the line as the U.K. navigates its "Brexit" from the EU, Britain cannot afford to anger either Beijing or Washington.
Corporate network security breaches, which can prove costly to remediate and expose a company to lawsuits, are frequently the result of vulnerabilities that could have been fixed for a relatively low cost. A a brute force penetration test is a critical first step in finding those vulnerabilities.
In a bizarre "whistleblower" case, federal prosecutors have charged a Georgia man in connection with an alleged "intricate scheme" involving falsely reporting that a Savannah hospital worker committed criminal HIPAA violations.
Not even George Orwell could have predicted nation-state surveillance in the 21st century. Give us free instant messaging for our smartphones, and faster than you can say "viral kitten video," we're collectively part of a mass surveillance nightmare. Case in point: The ToTok social messaging app.
Protecting enterprise networks from attackers boils down to the same thing: Unless organizations get the basics right, they're sitting ducks. That's a top takeaway from experts warning that Iran will likely retaliate with cyberattacks after one of its senior military leaders was killed by a U.S. drone strike.
Federal regulators have smacked a Georgia-based ambulance company with a financial settlement and corrective action plan in a case involving "longstanding" HIPAA compliance issues. How big was the fine, and what factors precipitated it?
How do hospitals' efforts to bolster information security in the aftermath of data breaches potentially affect patient outcomes? Professor Eric Johnson of Vanderbilt University discusses research that shows a worrisome relationship between breach remediation and the delivery of timely patient care.
What are some of the most important health data privacy and security regulatory developments to watch in 2020? Privacy attorney Kirk Nahra of the law firm WilmerHale discusses what he sees as the top five issues in the year ahead.
For the second time in recent months, federal regulators have slapped a healthcare provider with a HIPAA financial settlement in a case involving patients' rights to access their health information. Why is this an ongoing compliance problem?
Ascension healthcare system's sharing of data with Google on millions of patients is drawing increased scrutiny from members of Congress as well as privacy advocates. What are the major areas of concern?
Black Hat Europe returned to London last week, featuring two days of briefings covering topics from cryptography and breach response to exploit development and application security. Plus, a packed business hall offered technical demonstrations. Here are visual highlights of the event.