Privacy & Security

Nurses and doctors walk down a hospital hallway, one checks patient monitoring data on a tablet.
It's time FDA and CISA update their medical device agreement, says GAO
By Andrea Fox | 11:01 am | December 28, 2023
The watchdog agency said that it found the existing coordination agreement does not reflect "organizational and procedural changes," including the FDA's authority to find that medical devices in use violate federal law. 
Patient uses smartphone to research hospital information
NewYork-Presbyterian pays $300K to settle NY pixel tracking case
By Mike Miliard | 09:00 am | December 28, 2023
The hospital "failed to handle its patients’ health information with care," said Attorney General Letitia James. It has pledged to update its policies on third-party tools, ensure deletion of PHI gathered by those tools and boost its privacy safeguards.
Richard Staynings at Cylera_Doctor looking at brain scan on table Photo: katleho Seisa/Getty Images
Bringing AI into cybersecurity solutions
By HIMSS TV | 07:00 am | December 28, 2023
Being a cybersecurity professional has its difficulties – like tackling bad actors and working out how AI can improve or hinder strategies to ensure healthcare system security, says Richard Staynings, chief security strategist at Cylera.
Entrance to St Vincent’s Private Community Hospital in Griffith, New South Wales
St Vincent's Health reports data heist before Christmas
By Adam Ang | 04:07 am | December 27, 2023
Australia's largest not-for-profit health and aged care provider is still figuring out which data were "removed" by hackers.
computer code on a screen
How to implement healthcare cyber insurance
By Andrea Fox | 04:43 pm | December 21, 2023
The HHS 405(d) program has new resources to help small to large healthcare organizations navigate what's important when implementing cyber insurance.
FBI seal on an interior wall
FBI seizes Blackcat ransomware's server and site
By Andrea Fox | 11:31 am | December 21, 2023
The DOJ announced that the FBI also has decryptor keys for Blackcat ransomware victims and will "prioritize disruptions" as it works to "dismantle the ecosystem fueling cybercrime."
HIPAA Breach Notification Rule
How far will FTC expand Health Breach Notification Rule enforcement?
By Patricia A. Markus | 11:52 am | December 19, 2023
By creating new definitions and revising others, the proposed rule targets health and wellness technology companies operating outside of HIPAA and qualitatively expands the scope of what constitutes a PHR.
A nurse checking a patient's file on a laptop in the hospital corridor
Data privacy still a top concern for digitalisation in APAC
By Adam Ang | 03:05 am | December 18, 2023
Hospitals also worry about the lack of digital talent and the incompatibility of various digital solutions. 
Frank Forte of Anatomy IT on health IT vendors
Are hospitals and health systems today relying more on the skills of IT vendors?
By Bill Siwicki | 02:53 pm | December 14, 2023
One industry observer notes the massive digital transformation in how care is accessed and the historic increases in cyberattacks have been pushing more provider organizations to expect much more from their IT vendors.
The draft NIST differential privacy pyramid
NIST drafts privacy protection guidance for AI-driven research
By Andrea Fox | 12:25 pm | December 13, 2023
The National Institute of Standards and Technology created guidance for evaluating differential privacy algorithms that could allow data to be publicly released without revealing the individuals within the dataset.