Is your company ready for September 23, 2013, the deadline for compliance with HIPAA 2.0? The revised omnibus privacy and security regulations incorporating HITECH expose a lot more companies to possible fines.
This is a quick reminder that the September 23 deadline for compliance with the new HIPAA regulations is rapidly approaching. Organizations that handle protected health information (PHI) need to be sure they are up to speed on the changes and ready to withstand scrutiny. In general, you will need new NPPs and BAAs (Notices of
Back in January I blogged about a shortcoming of HIPAA. HIPAA legislation is, in part, supposed to help protect our privacy when dealing with health care providers. Unfortunately there is a hole in the legislation that you can fly a Boeing 747 through. May of us have to log on to a web site to
Wearable technology and other health-related devices were big at the 2015 Consumer Electronics Show (CES) earlier this month. This recorded webinar explains why these and related technologies present big challenges for data privacy and security.
Many people in the US associate HIPAA with the rules required to protect medical data. It actually is a lot more than that, but the HIPAA laws do require some minimal standards for medical providers. I recently came across an example of where HIPAA is ineffective. The medical providers are required to protect your data,
The privacy and security of medical records is a matter of concern to many Americans now that most are now stored electronically, but is there cause for concern? And who is most concerned?
Encryption is essential to cyber security today, with encryption of personally identifiable information (PII) being a top priority for organizations large and small, to protect customers and avoid fines and penalties after data breaches.
Are legislation and regulation a viable means of making people and organizations do better at securing data systems and devices? I’m not talking about FIAT the car maker, but fiat: “an official order given by someone who has power.” How’s that working in light of NIST CSF and HIPAA?
What are the immediate practical implications of the Snowden-prompted revelation that the NSA has broken or circumvented a lot of commercially available encryption? For a start, you should not stop using encryption, but you may want to review how you use it moving forward, Stephen Cobb explains.
Did you know that medical data on 20,000 people may be exposed to abuse today? As a healthcare practitioner, you may not be aware of the value of the data in your care, but criminals certainly are.
Most people would agree that personal information, particularly health information, especially that pertaining to the brave men and women who serve in our armed forces, should be treated with care and protected from prying eyes at all times. But what should happen if this information is compromised? Surely we should do whatever we can to make sure no harm
An infographic of recent healthcare IT security statistics paints a striking picture of much security work yet to be done, even as new medical privacy regulations go into effect.
Last week there was a report of a "health data breach" at Indiana University School of Medicine, hot on the heels of the "medical privacy breach" the week before at Stanford Hospital in Palo Alto, California. In the Stanford breach, a commercial website was found to contain data relating to 20,000 emergency room patients including
It’s that time of the year when the information security industry takes part in its annual tradition: coming up with cybercrime predictions and trends for the next 12 months.
Risk analysis is the first step towards managing risks, particularly when it comes to cyber risks. This recorded webinar introduces and explains key concepts, with links to several useful risk assessment tools.
OFAC will soon be enforcing economic and trade sanctions against individuals and groups outside the United States that use cyber attacks to threaten U.S. foreign policy, national security or economic stability.