Today, the Centers for Medicare and Medicaid Services (CMS) requested an "emergency review" of its recently proposed rule that "[Federally-facilitated Exchanges or FFEs], non-Exchange entities associated with FFEs, and State Exchanges must report all privacy and security incidents and breaches to HHS within one hour of discovering the incident or breach." 

We reported on the

Click on the link in this post for a high-level compliance roadmap concerning the Omnibus Privacy Rule under HIPAA and HITECH for covered plans, providers and business associates.
Continue Reading Check Out Our Webinar Addressing the HIPAA, HITECH Omnibus Regulations

It seems more companies are considering whether to purchase or enhance their cyber or data breach insurance coverage. In recent years, these offerings have expanded, giving businesses more choice, and perhaps so has the need for such coverage, given the explosion of access to and transmission of confidential data. What is interesting about this development is the different

Breach involving software upgrade to online application system leads to allegations of HIPAA privacy and security failures, and a $1.7 million settlement payment to HHS.
Continue Reading Wellpoint pays $1.7 Million to Settle Potential HIPAA Violations

Are you a “non-Exchange entity” with respect to the healthcare exchanges coming later this year? If so, you may become subject to a one-hour breach notification mandate.
Continue Reading One Hour Breach Notification Mandate Proposed Regarding Obamacare Health Exchanges

The New York Times recently reported that hackers from China have resumed attacks on U.S. targets, despite efforts by the Obama Administration to curb these intrusions. According to the article and a report by a security company, Mandiant, hackers from China have been behind scores of thefts of intellectual property and government documents over the past five

University’s $400,000 payment to HHS to settle HIPAA compliance allegations highlights critical role of risk assessments, and need for security policies and procedures.
Continue Reading Idaho State University Investigated by HHS Following Report of Data Breach

Health care practices and businesses generally need to be more careful when responding to requests for medical and other sensitive personal information.
Continue Reading We have to disclose patient records in response to a subpoena/attorney letter, right?