Skip to content Skip to navigation


Indiana Medical Clinic and Long Beach Health Plan Report Data Security Incidents

August 29, 2016  |  Heather Landi
Orleans Medical Clinic located in southern Indiana reported that it was recently the victim of a hacking incident of its network server resulting in inappropriate access to the protected health information about 6,800 patients.

Muddy Waters Report: St. Jude Medical’s Cardiac Devices Vulnerable to Cyber Attacks

August 29, 2016  |  Rajiv Leventhal
St. Jude Medical, a Minnesota-based global medical device manufacturer, saw its shares drop last week after a Muddy Waters Capital report noted demonstrations of cyber attacks to two of the company’s cardiac devices.

Don’t Get Stranded without a Data Security Action Plan

August 26, 2016  |  Mark Shelhart, Sikich LLP
It’s critical for healthcare providers to prepare a comprehensive data security action plan by following five key steps.

What Risk Do Privileged Users Pose to Healthcare Data Security?

August 26, 2016  |  Heather Landi
Employees with the most access to high value information assets continue to be a serious insider risk, according to a Ponemon Institute study, and healthcare organizations need to ensure their governance processes decrease the risk of privileged user abuse.

Are You Ready for a Phase 2 HIPAA Audit?

August 25, 2016  |  David Raths
The HHS Office for Civil Rights has launched Phase 2 of its HIPAA audits for providers and business associates. Although the number of organizations being audited is small, everyone in the industry should be prepared for a visit from OCR.

Addressing Health IT Staffing Challenges and Talent Gaps

August 24, 2016  |  Heather Landi
With an ongoing demand for skilled health IT professionals, one industry thought leader discusses the staffing challenges facing CIOs and IT leaders and offers insights into how to address the talent gap.

OIG Identifies Security Vulnerabilities in CMS’s Wireless Networks

August 24, 2016  |  Heather Landi
A penetration test of data centers operated by the Centers for Medicare & Medicaid Services found vulnerabilities in security controls over its wireless networks.

Survey: Hospital IT Execs Fearful of Mobile Security Threats

August 23, 2016  |  Rajiv Leventhal
More than eight in 10 (82 percent) hospitals surveyed by Spyglass Consulting Group expressed grave concerns about their ability to support and protect mobile devices, patient data, and the hospital’s technology infrastructure as a result of the growing threat of...

Washington Debrief: The Push for 90-Day Reporting in 2016 Continues!

August 22, 2016  |  Leslie Kriegstein, Vice President of Congressional Affairs, CHIME
CHIME, along with 20 additional organizations, has sent CMS a letter urging a 90-day reporting period.

OCR Announces Initiative to Focus Investigations on Smaller Data Breaches

August 22, 2016  |  Heather Landi
As healthcare organizations of all sizes are impacted by data theft, ransomware and privacy violations, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) plans to devote more resources to investigating smaller breaches.

The Right Way to Present a Business Case for Cybersecurity

August 19, 2016  |  Bob Chaput, CEO, Clearwater Compliance
There’s an ever-increasing number of threats to healthcare information. In order to get the funds needed to shore up an information security program, CISOs need to develop a comprehensive and compelling business case for doing so.

FTC Approves Final Order against Practice Fusion for Patient Privacy Complaint

August 18, 2016  |  Heather Landi
The Federal Trade Commission (FTC) approved a final order resolving it’s complaint against electronic health records (EHR) vendor Practice Fusion following charges that the company misled consumers about the privacy of the information it collected.


Subscribe to Privacy/Security