In a release yesterday, HHS Secretary Tom Price stated that OCR will waive sanctions and financial penalties for specific Privacy Rule violations against hospitals in the Hurricane Harvey disaster area. This waiver is only applicable to the provisions of the...
The HIPAA Breach Notification Rule (45 CFR §§ 164.400-414) states that all covered entities must notify the HHS’ Office for Civil Rights of a breach of unsecured protected health information and issue notification letters to affected people without unreasonable delay...
The Department of Homeland Security has issued an alert over vulnerabilities in Siemens medical imaging devices. The vulnerabilities could be exploited remotely and attacks would require only a low level of skill. Exploits are publicly available that could allow...
The Health Information Trust Alliance (HITRUST) is looking to improve its threat information sharing capabilities and provide more assistance to HIPAA covered entities to help them manage cyber threats more effectively. HITRUST is already providing detailed...
The Breach Barometer mid year reviews has been released by Protenus, in conjunction with Databreaches.net. This report covers all data privacy breaches reported in health care over the past 6 months. It provides valuable insights into 2017 data breach trends for the...