Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates have agreed to pay $1.5 million to settle potential HIPAA violations.
HIPAA violations are becoming more common around the nation. To find the source of the problem you have to "follow the money."
Heightened HIPAA enforcement continues, with the U.S. Health and Human Services taking its first-ever action against a state agency after a breach prompted an investigation.
After violating state and federal laws, South Shore Hospital has agreed to pay the price.
The decision to move to the cloud has always been wrought with anxiety over entrusting one's data to a third-party. Learning which questions to ask of a provider can help mitigate that concern.
Health care traditionally, compared with other industries, has lagged in terms of cyber defense, but with attackers now specifically targeting these organizations for patient data, inaction is no longer an option.
A privacy officer at a global company found a way to collaborate efficiently at a top level, while ensuring the protection of company assets, reports Greg Masters.
The BlueCross BlueShield settlement with the Office for Civil Rights is a reminder for health care organizations to bolster their data security, experts said.
HIPAA's new increased fines, penalties and enforcement actions have become a real business concern, say Glen Day and Reza Chapman, senior managers in the advisory services practice of Ernst & Young LLP.
The private medical records belonging to some 1,300 patients and/or their guarantors at Loma Linda University Medical Center in California were compromised when a former hospital employee violated policy.
Health care providers and their patients both have parts to play in the high-stakes game of protecting sensitive medical information, especially as technology becomes easier to implement and enforcement of regulations intensifies.
Data protection traditionally has lagged at health care organizations when compared to other industry verticals, and emerging technology like mobile devices and cloud computing doesn't make the challenge any easier.
Breaches into protected health information (PHI) are on the rise, and staffers are responsible for more than a third of the intrusions, a new survey has found.
In one of the largest health care data breaches this year, a computer containing hundreds of thousands of patient records was stolen from South Carolina's Spartanburg Regional Healthcare System.
UCLA Health System must pay $865,500 as part of a settlement with the U.S. Department of Health and Human Services (HHS) over complaints that employees snooped on the health records of two celebrities.
Given that a misrepresentation of the facts during attestation could result in civil and criminal penalties, what does a health care executive need to feel comfortable about before signing on the dotted line?
The prescriptive nature of the Payment Card Industry Data Security Standard, often referred to as PCI, can benefit even those companies not processing credit card transactions.
Maintaining protection of clinical data and patients' personal information is the top priority for a health care provider with a focus on mobile devices, reports Greg Masters.
Thirty-two employees were fired from two hospitals in Minnesota after they viewed electronic records belonging to patients who were hospitalized after overdosing at a house party, according to a report in the Minnesota Star-Tribune. The employees, who worked at Unity Hospital in Fridley and Mercy Hospital in Coon Rapids, do have access to certain records, but in this instance, had no legitimate reason to view the documents. As hospitals transition to electronic health care records, more instances of unauthorized access, such as cases last year in California, have cropped up.
For many small and midsize businesses, neglecting IT security is a thing of the past, reports Angela Moscaritolo.
A prudent firm should not wait until a clear and direct obligation exists before taking steps to secure its systems and processes.
Health care chief information security officers (CISOs) have to ask themselves, "What exactly are the security and privacy requirements around EHR?"
The move to electronic medical records presents challenges, but tech solutions offer help for health care practitioners, reports Greg Masters.
An insurance provider in Massachusetts had basic security measures in place, but these were not enough to be fully compliant with a strict, new state regulation, reports Greg Masters.
Security information and event management (SIEM) tools have frustrated many - yet they are here to stay, reports Beth Schultz.
The effects of last year's regulatory changes have already begun to surface, reports Angela Moscaritolo.
Pharmacy chain Rite Aid will pay a $1 million fine and take corrective actions to settle charges of violating the HIPAA Privacy Rule.
As health care entities face new compliance demands, a free framework could offer some help.
The author wades through NIST standards to help organizations select the best encryption technology to satisfy federal health care data protection mandates.
There are strategies to cope with customer expectations of privacy when there are no boundaries around their data, reports Deb Radcliff.