Are you a “non-Exchange entity” with respect to the healthcare exchanges coming later this year? If so you may become subject to a one-hour breach notification mandate.
Continue Reading One Hour Breach Notification Mandate Proposed Regarding Obamacare Health Exchanges
Health Information Technology
FDA Provides Data Security Guidance for Medical Device Manufacturers
By Joseph J. Lazzarotti on
Big Data’s impact on medical devices pushes FDA to propose draft guidelines for cybersecurity.
Continue Reading FDA Provides Data Security Guidance for Medical Device Manufacturers
Idaho State University Investigated by HHS Following Report of Data Breach
University’s $400,000 payment to HHS to settle HIPAA compliance allegations highlights critical role of risk assessments, and need for security policies and procedures.
Continue Reading Idaho State University Investigated by HHS Following Report of Data Breach
President Obama Issues Executive Order On Cybersecurity
President Obama issues executive order on cybersecurity…
Continue Reading President Obama Issues Executive Order On Cybersecurity
NHS Wants Patient Records
By Joseph J. Lazzarotti on
Posted in Health Information Technology, HIPAA
Across the pond, concern over government collection of personal health data is rising.
Continue Reading NHS Wants Patient Records
Maryland Attorney General Gansler Forms Internet Privacy Unit
Linking his announcement to National Privacy Day, January 28, 2013, Maryland Attorney General Douglas F. Gansler informed the public that his office has formed an Internet Privacy Unit. (See similar step taken by Connecticut AG)
The stated purpose of the Unit is to protect the privacy of online users. The Unit will be charged…
A Summary of the Final HIPAA Rule
As we continue to examine the final HIPAA privacy and security regulations, as amended by the HITECH Act and the Genetic Information Nondiscrimination Act, we pulled together a summary of some of the key points. We fully expect additional sub-regulatory guidance to be provided by OCR, such as frequently asked questions and sample business …
Top 13 for 2013 – Happy Privacy Day
Top 13 data privacy and security issues for 2013…
Continue Reading Top 13 for 2013 – Happy Privacy Day
Final HIPAA Regulations: “Business Associates” Include Subcontractors, Data Storage Companies (Cloud Providers?)
Under the HITECH Act, business associates are subject to the HIPAA privacy and security rules (the "HIPAA Rules") virtually to the same extent as covered entities. In addition to implementing this change for business associates ("BAs"), and providing additional guidance concerning what entities are business associates, the final HIPAA regulations issued last week also treat certain subcontractors of BAs as BAs directly subject to …
Final HIPAA/HITECH Privacy and Security Regulations Released
Final HIPAA regulations are out……
Continue Reading Final HIPAA/HITECH Privacy and Security Regulations Released