Compliance & Legal

The former employee's access to patient data and health information was outside the scope of their job functions and was without a reasonable basis, the health plan says.

The agency's first coordinated action against individuals using business email compromise and money laundering schemes to target healthcare payers uncovered $11.1 million diverted from Medicare, Medicaid programs, private health insurers and others.

The merged capabilities will create a more robust nonprofit compliance and risk-management partner focused on increasing trust in and accreditation programs for healthcare organizations.

Assessing how to counter growing threats and attacks.

Oscar Miranda, chief technology officer for healthcare at Armis, notes that regulations are defined baselines yet security goals often exceed them, and the disconnect is a common theme in healthcare.

With security concerns, including a potential breach and a class-action suit, around Meta Pixel and other web tracking tools, health systems should be considering "all the ways PHI may be used, disclosed and accessed," says a former OCR investigator.

The in-person Boston event will gather health system CISOs, security directors, and other IT and infosec leaders to share strategies for risk mitigation in an ever more complex threat landscape.

Building a better way forward through strategic partnership.

The state HIE joins other members in pursuing voluntary TEFCA participation as a Qualified Health Information Network to expand data connectivity and interoperability.

His paper calls for a federal healthcare cybersecurity leader and discusses key challenges for regulatory agencies, as well as potential mandates and incentive programs. One industry CISO comments.