A risk analysis, as required under the HIPAA Security Rule, is a critical and foundational component of an effective risk management process that helps covered entities, and their business associates, to perform their mission and protect the health information entrusted to them.
The National Institute of Standards...
Physician group practices, many of which are adopting their first electronic health record system, need to make staff training on privacy and security issues a top priority, says Susan Turney, M.D., the new CEO at the Medical Group Management Association.
As officials prepare a public relations campaign to educate consumers about the privacy of electronically exchanged healthcare information, they're seeking additional information about the public's attitudes on the use of mobile devices to exchange data.
About 4.9 million patients treated in San Antonio area military treatment facilities since 1992 have been affected by a health information breach involving the theft of backup tapes for electronic health records.
With the announcement of a breach affecting 4.9 million patients in the Defense Department's TRICARE healthcare program, there have now been five incidents that each affected at least 1 million individuals since the HIPAA breach notification rule took effect.
Requiring even limited use of metadata tags for stage two of the HITECH Act's electronic health record incentive program is premature and inappropriate, three associations have told federal authorities.
Stanford Hospital & Clinics reports that a business associate's subcontractor caused a health information breach when information about 20,000 patients treated in the hospital's emergency department was posted on a website.
A new report to Congress about major healthcare information breaches shows that federal officials have yet to complete their investigations of corrective actions taken in the wake of 70 percent of incidents.
The Office of the National Coordinator for Health Information Technology has formally launched Query Health, a project to test standards for querying data from electronic health records to conduct research.
The American National Standards Institute has begun accepting applications from organizations that want to be accredited to certify electronic health records software for the HITECH Act EHR incentive program.