Privacy & Security

Industry groups offer help with HIPAA
By Chris Anderson | 11:43 am | September 08, 2010
In an effort to help financial institutions understand how the HITECH Act and HIPAA directly affects their operations, four industry trade groups recently banded together to release a white paper "Compliance Guidelines for Financial Institutions in the Healthcare Sector: HITECH and the HIPAA Privacy and Security Rules."
HHS withdraws breach notification rule in wake of $1M Rite Aid case
By Diana Manos | 11:23 am | September 08, 2010
The Department of Health and Human Services withdrew its final breach notification rule for unsecured protected health information. Withdrawal of the rule came in late July, just days before the Rite Aid Corp. agreed to pay $1 million to settle potential violations of federal privacy rules.
Missing files highlight need for tighter security
By Molly Merrill | 11:14 am | September 08, 2010
As details about the back-up files that went missing from a Massachusetts hospital emerge, it's apparent that even with HHS' new proposed rules on security and privacy set to take effect soon, hospitals may still have to do more when it comes to protecting patient data.
Data breaches top of mind for IT decision makers
By Molly Merrill | 10:53 am | September 08, 2010
Preventing patient data breaches is cited as the number one priority for healthcare IT decision makers, but work remains for complying with security regulations, according to a national survey that examines IT trends in healthcare.

Please ask: People want control of their genetic data
By Bernie Monegain | 10:56 am | September 01, 2010
People want to be informed and asked for consent before deciding whether to share their genetic information in a federal database, according to a Group Health study that bills itself as the first to ask patients about sharing their data.
Blumenthal: Yale data breach a reminder of 'legal and moral obligation to protect privacy'
By Molly Merrill | 10:21 am | August 23, 2010
Yale School of Medicine is in the process of notifying approximately 1,000 individuals whose clinical health information was contained on a laptop computer that was recently stolen.
Tiger team clarifies patient consent rules for HIEs
By Mary Mosquera | 10:52 am | August 18, 2010
Health information exchanges cannot share sensitive patient information beyond a simple point-to-point exchange without first obtaining a patient's consent, concluded the federal privacy and security tiger team.
Expert weighs in on data loss at South Shore Hospital
By Molly Merrill | 11:47 am | July 26, 2010
A breakdown in data destruction protocols could help explain why back-up files containing information on 800,000 individuals were lost from a Mass. hospital after a data management company was hired to destroy them.
Connecticut AG fines Health Net $250,000 for data security violations
By Bernie Monegain | 11:02 am | July 07, 2010
Connecticut Attorney General Richard Blumenthal announced a $250,000 settlement - the first of its kind in the country - with healthcare insurer Health Net and its affiliates over health data security breaches.
Polls show patients ill-informed on IT
By Molly Merrill | 10:32 am | July 01, 2010
Less than one in 10 American adults use electronic medical records or e-mail their doctor, according to a new Harris Interactive/HealthDay poll.