The recent decision by a Massachusetts-based hospital to pay a ransom in exchange for promises by the attackers to destroy stolen data spotlights the difficult choices many healthcare entities face in the wake of cyberattacks.
The former CEO and co-owner of two hospice agencies has pleaded guilty in a multimillion-dollar fraud conspiracy case that involved gaining unlawful access to patients' electronic medical records to identify and recruit Medicare and Medicaid beneficiaries for hospice care - whether or not they were terminally ill.
Hacking incidents - including ransomware attacks, phishing scams and episodes involving vendors - are still the dominant culprits in major health data breaches being reported to federal regulators so far this year. Why?
The COVID-19 pandemic has spotlighted an array of evolving patient privacy issues that legislators and regulators will need to address in the year ahead, say government policy experts Mari Savickis and Cassie Leonard of the College of Healthcare Information Management Executives.
In an exclusive interview, Roger Severino, director of the HHS Office for Civil Rights, which enforces HIPAA, spells out critical steps healthcare organizations must take to safeguard patient information and ensure patient safety in light of the surge in ransomware and other hacking incidents.
Federal prosecutors say an electronic health records vendor has agreed to pay $500,000 to settle a whistleblower case about the software maker allegedly falsifying testing results in 2015 to obtain certification for participation in the HITECH Act meaningful use incentive program.
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
As more hospitals seek new methods for collecting payments from patients, they face the challenge of securing those transactions, says Dan Berger of AxiaMed, who describes HIPAA and PCI compliance issues in an interview at the HIMSS19 conference.
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.
Arizona-based Banner Health, which operates 29 hospitals, says it's notifying 3.7 million individuals that their data was exposed in a "sophisticated cyberattack." An initial attack against payment card processing systems apparently opened the door to the attackers accessing healthcare data.
Proposed new federal regulations would end the HITECH Act electronic health records "meaningful use" incentive program for physicians treating Medicare patients and replace it with a simplified program as part of a sweeping payment revamp. What impact would the Medicare change have on data security requirements?
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?