Compliance & Legal

The HSA company says it has discovered "unauthorized access to and potential disclosure of protected health information and/or personally identifiable information stored in an unstructured data repository outside our core systems."

The plaintiffs claim that Change failed to implement cybersecurity safeguards such as multifactor authentication.

Some industry leaders are concerned about compliance time frames. Others say unstructured data won't be tapped to its fullest potential under the proposed rule.

Writing to the health secretary and the deputy national security advisor, the lawmaker cited recent cyber hygiene failures by healthcare organizations and asked the agency to propose mandatory minimum cyber standards already under consideration.

The defendants allegedly caused the hospital to pay vendors for goods and services they knew had not been provided.

Zubin Khambatta, a healthcare attorney and partner at Holland & Knight, unpacks the rule, which was to go into effect on July 9 but has been challenged by the state of Texas.  

Celo's HIPAA-compliant messaging app allows care teams to share information easily without compromising patients' privacy. Jack Clough, the company's chief growth officer, shares more about the technology.  

While the healthcare group "strongly supports" CIRCIA's security goals, it's urging the Homeland Security agency to "consider the challenges covered entities face during and immediately after experiencing a cyberattack."

C-suite leaders and other executives from EHR, analytics, clinical automation and managed services firms see enforcement of the new Cures Act final rule as an overdue "step in the right direction."

Not only are the HHS information blocking disincentives too steep, but they could also interrupt accountable care organizations' shift to value-based care, the organizations argue. Meanwhile, the EHR Association says the regs are "too narrowly focused."