MITRE, the not-for-profit organization that works across governmental and federal agencies, as well as various industrial verticals and academia, has set up The Cyber Infrastructure Protection Innovation Center and The Clinical Insights Innovation Cell to protect healthcare.
The acquisition of the SAFE Identity consortium and its trust framework by DirectTrust, best known for creating and maintaining trust frameworks for secure email messaging in healthcare, will help facilitate new secure health information exchange use cases, says DirectTrust CEO Scott Stuewe.
While the wait continues for the Biden administration to name a new leader for the Department of Health and Human Services' Office for Civil Rights, the HIPAA enforcement agency recently issued its 20th settlement to date in a case involving a patient "right of access" dispute.
While a final rule for enforcement of the 21st Century Cures Act information blocking regulations is slated to be issued this month, some regulators are still uncertain that timeline will stick, or when other related unresolved details will be disclosed.
As federal regulators intensify their focus on compliance with requirements to provide patients with access to their health information, healthcare organizations need to sort through a variety of emerging challenges, says health information management and privacy expert Rita Bowen.
In the year ahead, healthcare organizations must be prepared to face an assortment of advancing security threats, including those that damage the integrity of critical patient data, says Rod Piechowski of the Healthcare Information and Management Systems Society.
The eHealth Initiative and the Center for Democracy and Technology are seeking feedback on their draft privacy framework that addresses gaps in legal protections for consumer health data falling outside of HIPAA's regulatory umbrella, says eHI CEO Jennifer Covich Bordenick.
Never store hardcoded credentials in code uploaded to public-facing GitHub repositories, and make sure none of your business associates are doing that. Those are just two takeaways from a new report that describes how nine organizations were inadvertently exposing health records for at least 150,000 patients.
Healthcare organizations need to diligently assess whether a security incident involving patient information truly qualifies as a reportable breach under HIPAA to avoid needlessly reporting it to federal regulators, says regulatory attorney Helen Oscislawski.
More than two dozen healthcare organizations and technology firms have formed a coalition to help address the COVID-19 crisis by using secure information sharing and data analysis. But observers warn the group must devote enough attention to privacy and security issues.
This webinar provides attendees with an overview of machine learning services and examples of outcomes from the AWS, Google and Microsoft Azure clouds. It will address challenges and opportunities in gleaning insights from large data sets. Presenters will also share what ClearDATA is doing to help organizations make...
The Australian government's digital health records program manages risk and privacy relatively well, according to a new audit, but there's room for improvement in third-party risk management and emergency access to sensitive health records.
Endpoint detection and response tools and other related security technologies are critical weapons for defending against cyberattacks, says Larry Whiteside, the new CISO at Greenway Health, an electronic health records company.
The organization that manages IT for Singapore's public healthcare sector says it has terminated, demoted or financially penalized several employees for their roles in the handling of a 2017 cyberattack on SingHealth, the nation's largest healthcare group. What do U.S. security experts think of these measures?
The digital revolution has given healthcare organizations new tools to increase team efficiency and improve their customer experience. But it's also opened up new vectors that cybercriminals can use to attack. As your attack surface expands to web infrastructure that you don't own or control, it becomes increasingly...