Jessica Davis
Compliance
The month-long window is the shortest turnaround from a state and doesn’t exempt the healthcare sector, effectively giving Colorado providers just half the time required by HIPAA to report.
Privacy & Security
House and Senate committees criticize department with essentially the same case sidelined Deputy CISO Leo Scanlon made in March.
Data Warehousing
The breach was contained to hashed passwords and usernames, but the DNA testing service site didn’t waste time notifying its users of the security incident.
Compliance
Since the Illinois health system signed with Epic in September, Cerner repeatedly challenged the contract for a conflict of interest and an unfair bidding process.
Compliance
A hacker told Holland Eye Surgery and Laser Center in March that they had accessed a patient list, but an investigation revealed that another access occurred back in 2016.
Analytics
HIMSS’ latest cybersecurity report highlights the continued Meltdown and Spectre threats that first appeared in early 2018, while outlining how hackers can easily exploit healthcare’s legacy systems.
Privacy & Security
The Advisory Board’s Allyson Vicars says health orgs need to lean on governance and engage the executive leaders to tackle cybersecurity issues.
Electronic Health Records
The agency’s Deputy Secretary Thomas Bowman announces his retirement, as Trump names yet another acting secretary to fill the post left by Robert Wilkie.
Privacy & Security
A hacker hit some email accounts of Aultman Health Foundation with a phishing attack in February, but officials didn’t discover the breach until March 28.
Compliance
The European regulation is much more stringent than HIPAA, and those health systems that handle EU patient data, even in the U.S., must adjust their privacy measures to comply.