The recent decision by a Massachusetts-based hospital to pay a ransom in exchange for promises by the attackers to destroy stolen data spotlights the difficult choices many healthcare entities face in the wake of cyberattacks.
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
As more hospitals seek new methods for collecting payments from patients, they face the challenge of securing those transactions, says Dan Berger of AxiaMed, who describes HIPAA and PCI compliance issues in an interview at the HIMSS19 conference.
An EU General Data Protection Regulation enforcement action against a hospital in Portugal demonstrates complying with GDPR may be even tougher than complying with HIPAA. Regulatory experts analyze the implications of the case.
Two GOP senators are asking federal regulators to recoup potentially millions of dollars worth of allegedly inappropriate EHR incentive payments made under the HITECH Act. If the money is clawed back, what's the potential impact on data security spending?
A watchdog agency's estimate that as much as $729 million worth of HITECH Act incentive payments might have been paid to doctors who failed to provide proof that they were meeting requirements for meaningful use of EHRs - including risk assessments - is raising questions about the program's accountability.
Leading the latest version of the ISMG Security Report: a look at how various sectors are moving away from checkbox compliance, instead taking proactive measures to secure their information assets. Also, big increase in e-commerce fraud and Yahoo's costly breach.
Federal regulators are reminding for-profit companies that if they collect and share consumers' health information, they not only need to comply with HIPAA security and privacy regulations, but also the Federal Trade Commission Act. Is their new guidance too narrow?
Arizona-based Banner Health, which operates 29 hospitals, says it's notifying 3.7 million individuals that their data was exposed in a "sophisticated cyberattack." An initial attack against payment card processing systems apparently opened the door to the attackers accessing healthcare data.
Proposed new federal regulations would end the HITECH Act electronic health records "meaningful use" incentive program for physicians treating Medicare patients and replace it with a simplified program as part of a sweeping payment revamp. What impact would the Medicare change have on data security requirements?
An FTC settlement with a medical billing company shines a spotlight on deceptive practices related to the collection and disclosure of patient's personal health information. What can healthcare providers learn from the settlement?
A government watchdog has begun auditing payments by state Medicaid agencies to hospitals participating in the HITECH Act electronic health record incentive program. Find out about plans for other HITECH audits, including scrutiny of security.
New payment card security standards issued by the PCI Council include a number of improvements, plus some glaring omissions, such as requirements for mobile, security experts say. What are their chief concerns?
The HHS Office of Inspector General plans to scrutinize whether any HITECH Act electronic health record incentive payments have been inappropriately issued and review HIPAA compliance enforcement efforts.