Cybersecurity

The digital security of healthcare institutions and data is a growing concern, with an increasing number of cyberattacks each year against healthcare systems, which are seen as easy targets. Cyberattacks often use ransomware to target personal health information, patient data and medical devices, cutting off access to the data until a ransom is paid to the hacker. Cybercriminals have become more sophisticated, using malware, ransomware and spyware to attack outdated and vulnerable systems and software. Due to the interconnected nature of hospital IT systems today, the weakest link can be older web-enabled medical devices, including clinical and non-clinical systems. Employees are also a major target of attacks via malicious e-mails that prompt them to open attachments that then download malware onto the hospital's IT system.

CMS pushes HIPAA compliance enforcement back 90 days

The Centers for Medicare & Medicaid Services’ (CMS) Office of E-Health Standards and Services (OESS) has decided not to initiate enforcement action until March 31, with respect to HIPAA-covered entities (including health plans, healthcare providers and clearinghouses, as applicable) not compliant with the operating rules adopted for the following transactions as required by the Patient Protection and Affordable Care Act: eligibility for a health plan and healthcare claim status. Notwithstanding OESS’ discretionary application of its enforcement authority, the compliance date for using the operating rules remains Jan. 1.

HHS collects first settlement over smaller breach

The Hospice of North Idaho has agreed to pay the U.S. Department of Health and Human Services (HHS) $50,000 to settle potential violations of the HIPAA Security Rule. This is the first settlement involving a breach of unprotected electronic protected health information affecting fewer than 500 individuals.

Small hospital suffers big breach

A stolen laptop is the source of a data breach impacting 29,000 patients of Gibson General Hospital.

Kentucky Medicaid breach due to computer scam

More than 1,000 Kentucky Medicaid beneficiaries have been notified that their data may have been compromised as part of a computer scam.

4,000 patients impacted in Michigan data breach

The theft of electronic equipment from a vendor employee's car has prompted the University of Michigan Health System (UMHS) to alert approximately 4,000 patients that some of their demographics and health information may have been exposed.

Walgreens faces $16M penalty for illegal record dumping

The Walgreens drugstore chain will pay $16.6 million to settle a California case involving improper disposal of hazardous waste, including confidential patient information, in dumpsters near their stores.

HHS issues guidance on de-identification of patient data

The Department of Health and Human Services’ (HHS) Office for Civil Rights has issued guidance regarding two methods for de-identification of protected health information to help covered entities understand what de-identification is and how de-identified information is created.

OCR Director Leon Rodriguez: ‘Enforcement breeds compliance’

The HITECH Act tasked the Office for Civil Rights within the Department of Health and Human Services with auditing HIPAA-covered entities to ensure personal health information is being protected. Since then, the office has turned its attention to enforcement, according to OCR Director Leon Rodriguez, JD, who spoke Dec. 13 at the Privacy and Security Forum hosted by the Health Information and Management Systems Society and Healthcare IT News.
