Privacy & Security

Few consequences for health privacy law's repeat offenders
By Charles Ornstein | 10:44 am | December 30, 2015
Regulators have logged dozens, even hundreds, of complaints against some health providers for violating federal patient privacy law. Warnings are doled out privately, but sanctions are imposed only rarely. Companies say they take privacy seriously.
5 key takeaways from Cybersecurity Act of 2015
By Jessica Davis | 11:58 am | December 28, 2015
The law lays out a plan for instituting better security in healthcare but it will require a lot of work to get there.
Privacy & Security
10 most recent HIPAA breaches
By Bernie Monegain | 11:30 am | December 28, 2015
As the year 2015 draws to a close with a warning that healthcare -- more than ever before -- has become a target for cyber security attacks, we list the most recent data breaches reported to the HHS Office for Civil Rights.
National Science Foundation gives $10 million to cloud, mobile security team
By Bernie Monegain | 10:50 am | December 23, 2015
The National Science Foundation will provide a $10 million grant to researchers at several top universities to support their work on cloud and mobile network security in healthcare.
Digital Guardian nabs $66 million for cybersecurity, advanced threat protection, endpoint detection
By Bernie Monegain | 04:36 pm | December 21, 2015
Data security firm Digital Guardian has acquired $66 million in new capital it will use to bolster its roster of products for data protection, advanced threat protection and endpoint detection and response.
'Visual hacking' a big concern for healthcare, 3M report says
By Mike Miliard | 11:37 am | December 18, 2015
Healthcare organizations are bulking up their privacy protections with firewalls, encryption, data loss prevention software and more, but the much lower-tech visual hacking threat is still a concern, according to a new 3M educational campaign.
NIST moves to upgrade cybersecurity framework, solicits public for feedback
By Tom Sullivan | 04:26 pm | December 15, 2015
The National Institute of Standards and Technology plans to ratchet up its two-year-old security offering, dubbed the Framework for Improving Critical Infrastructure Cybersecurity, and has put out a public call for user feedback.
University of Washington Medicine pays $750,000 over security lapses tied to 2013 breach
By Bernie Monegain | 11:18 am | December 15, 2015
In 2013, the electronic protected health information of about 90,000 individuals was accessed after an employee downloaded an email attachment that contained malicious malware.
Healthcare breaches, cybercrime, ransomware to get worse in 2016, Symantec says
By Bernie Monegain | 12:29 pm | December 14, 2015
Symantec expects the healthcare industry will see more and worse of just about everything in 2016 ranging from cybercrime and data breaches to ransomware and attacks against infrastructure.
ONC offers 'corrections and clarifications' of 2015 Final Rule
By Mike Miliard | 11:20 am | December 11, 2015
In order to 'eliminate confusion and ambiguity' in its 500-plus page 2015 Edition EHR certification criteria, the Office of the National Coordinator for Health IT has added corrections to the Federal Register to help vendors better understand the final rule.