Features
-
What is the Health Breach Notification Rule, Who Does It Apply To?
The Federal Trade Commission’s Health Breach Notification Rule applies to vendors of personal health records, including health apps and other non-HIPAA-covered entities.
-
How updated third-party tech guidance affects compliance efforts
In its updated bulletin on third-party tracking tech, OCR doubled down on its stance that an IP address of a device accessing certain parts of a covered entity’s website constitutes PHI.
-
3 ways to prepare for impending HIPAA Security Rule updates
Covered entities and business associates should prepare for changes as HHS plans to update the HIPAA Security Rule this spring.
-
Understanding the Impact of the Change Healthcare Cyberattack on Providers
From major pharmacy chains to independently owned practices, providers across the country are facing significant operational challenges as the Change Healthcare outages continue.
-
Healthcare Faces Uncertainty Amid Change Healthcare Cyberattack
Business continuity remains paramount as the fallout from the Change Healthcare cyberattack continues.
-
This Year’s Largest Healthcare Data Breaches
More than 540 organizations reported healthcare data breaches to HHS in 2023, impacting upwards of 112M individuals.
-
Understanding the Nuances of the Healthcare Cybersecurity Regulatory Landscape
A patchwork of key healthcare cybersecurity and privacy regulations aim to keep cyber threats at bay, but compliance can be challenging.
-
Communicating With a Patient’s Family Under the HIPAA Privacy Rule
Providers must ensure that they are following the HIPAA Privacy Rule when choosing to disclose a patient’s protected health information to the patient’s family and friends.
-
Biggest Healthcare Data Breaches Reported This Year, So Far
More than 39 million individuals have been impacted by healthcare data breaches reported in the first half of 2023 alone.
-
Aligning Substance Abuse Confidentiality Regulations With HIPAA to Enhance Compliance
Covered entities are awaiting a final rule that would align the Confidentiality of Substance Use Disorder (SUD) Patient Records regulations under 42 CFR part 2 with HIPAA.
-
How to Properly Dispose of Electronic PHI Under HIPAA
HIPAA requires covered entities to implement appropriate safeguards to protect electronic PHI throughout its lifecycle.
-
How to Properly Dispose of Paper Medical Records, Physical PHI Under HIPAA
HIPAA requires covered entities to implement appropriate administrative, technical, and physical safeguards to protect PHI at all times, even when disposing of it.
-
Exploring the HIPAA Privacy Rule’s Right of Access Provisions
HIPAA-covered entities must comply with the HIPAA Privacy Rule’s right of access provisions, which ensure that patients have access to their health records in a timely and cost-effective manner.
-
How BCBS MA Combats DME, Telemedicine Fraud Schemes
With just a snippet of personal information, scammers are roping in providers and tricking seniors into elaborate DME and telemedicine fraud schemes.
-
How Healthcare is Tackling Patient Privacy in a Post-Roe World
The Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization will require providers, regulators, and tech companies to rethink patient privacy.
-
Operational Technology (OT) Security Risks, Best Practices in Healthcare
As healthcare becomes increasingly interconnected, organizations should prioritize operational technology (OT) security efforts alongside IT security.
-
Common HIPAA Administrative Safeguards Under The HIPAA Security Rule
HIPAA administrative safeguards are crucial measures that all covered entities must consider under the HIPAA Security Rule.
-
Common HIPAA Physical Safeguards Under The HIPAA Security Rule
HIPAA physical safeguards are crucial to protecting electronic protected health information (ePHI) and are essential to maintaining HIPAA compliance.
-
Common Types of Social Engineering, Phishing Attacks in Healthcare
Phishing remains one of the most effective social engineering attacks used against healthcare organizations.
-
What is the HIPAA Privacy Rule?
The HIPAA Privacy Rule protects patient privacy while enabling the flow of health information.
-
What is the HIPAA Security Rule?
The HIPAA Security Rule requires covered entities and business associates to implement technical, physical, and administrative safeguards.
-
Misconceptions About HIPAA, Interoperability, Information Blocking
At the HealthITSecurity virtual summit, panelists discussed common misconceptions surrounding HIPAA, interoperability, and information blocking.
-
The Quest to Improve Security, Privacy of Third-Party Health Apps
WEDI and the Confidentiality Coalition proposed recommendations for improving the transparency, security, and privacy of third-party health apps with access to PHI.
-
Your Responsibilities Under the HIPAA Breach Notification Rule
After experiencing a PHI breach, HIPAA-covered entities and business associates must comply with reporting requirements under the HIPAA Breach Notification Rule.
-
Driving Digital Transformation in Healthcare With Industry Clouds
Industry clouds allow healthcare organizations to accelerate digital transformation and tailor cloud technology to specific business needs.
-
HIPAA Technical Safeguards: A Basic Review
It’s critical to review the requirements of HIPAA technical safeguards to ensure that your healthcare organization is compliant and able to keep PHI safe.
-
What Is a HIPAA Business Associate Agreement (BAA)?
HIPAA-covered entities must have a business associate agreement (BAA) in place with each of their partners to maintain PHI security and overall HIPAA compliance.
-
Managing Telehealth, Remote Patient Monitoring Security Concerns
Industry experts weigh in on how the healthcare sector can manage telehealth and remote patient monitoring security concerns.
-
PCI Compliance Versus HIPAA Compliance In Healthcare
Maintaining PCI compliance and HIPAA compliance can help healthcare organizations protect all forms of patient data, from medical information to credit card numbers.
-
Pros and Cons of Public, Private, Hybrid, Multi-Cloud Architectures
Healthcare organizations must consider scalability and security risks when it comes to choosing between a public, private, hybrid, or multi-cloud architecture.
-
Top Healthcare Cybersecurity Challenges, How to Overcome Them
With a multitude of critical data and patient safety hanging in the balance, there is a unique set of healthcare cybersecurity challenges that must be carefully considered.
-
How to Implement a Cyber Incident Response Plan for Healthcare
Creating a comprehensive cyber incident response plan can help healthcare organizations maintain reputation and patient safety.
-
Status, Challenges of Information Blocking Rule Compliance
The Information Blocking Rule compliance deadline passed in April 2021, but questions about electronic health information sharing remain.
-
The Threat of Distributed Denial-Of-Service Attacks in Healthcare
Rapid7’s chief data scientist explores the threat of distributed denial-of-service (DDoS) attacks in healthcare and how to prevent the emerging threat.
-
De-Identification of PHI According to the HIPAA Privacy Rule
The two HHS-approved methods for the de-identification of PHI can aid in clinical research while ensuring HIPAA compliance and patient privacy.
-
Key Differences Between PHI and PII, How They Impact HIPAA Compliance
Covered entities must understand the differences between PII and PHI to maintain HIPAA compliance and protect patient data.
-
Insights into HHS COVID-19 HIPAA Waivers and Lasting Implications
HHS and OCR have issued several COVID-19 HIPAA waivers around telehealth and data sharing amid the pandemic. But it’s crucial providers keep privacy and security in focus.
-
What Is Cyber Insurance for Healthcare Organizations?
In the wake of recent data breaches, healthcare organizations are turning to cyber insurance to offset some of the costs. Here’s what they need to understand about assessing insurers and policies to ensure adequate coverage.
-
Complying with the HIPAA Privacy Rule During Emergency Situations
The last thing on healthcare professionals’ minds in emergency situations is complying with the HIPAA Privacy Rule, but it should be a priority.
-
Data Security Considerations in Healthcare Interoperability
The national push for healthcare interoperability continues to gain strength, but there are key data security areas that covered entities must consider as they implement new technologies.
-
HIPAA Data Breaches: What Covered Entities Must Know
Covered entities and their business associates need to understand the basics of how HIPAA data breaches are determined, and what they can do to keep information secure.
-
The Role of Risk Assessments in Healthcare
Healthcare risk assessments are not only required under HIPAA regulations, but can also be a key tool for organizations as they develop stronger data security measures.
-
Increased EHR Adoption Raises Need for Robust Security
Recent cybersecurity attacks on health systems and hospitals shine the light on the importance of EHR security.