Health Care Organizations Seek Regulatory Changes To Improve Access To Cybersecurity Tools

Cybersecurity presents thorny problems specific to healthcare organizations. Not only are their protection of personal health information strictly regulated by the HIPAA and HITECH laws, but such organizations are also more frequently the targets of cyberattacks due in part to the highly personal information collected by such organizations, and in part due to the relative lack of resources available to battle cyber-threats. One set of healthcare regulations not directly related to cybersecurity, the Stark anti-kickback law, has potentially hindered healthcare organizations in adapting to an…
Continue reading...

Increased Enforcement and Litigation Risk for Data Breaches Involving Personal Health Information

HIPAA and HITECH have long been high priority concerns for health care and life sciences organizations. But recent developments in HIPAA enforcement and data breach litigation raises the threat level for all companies dealing with personal health information (PHI). On the enforcement front, on February 1, 2018, HHS’s Office of Civil Rights — which enforces HIPAA privacy, security, and breach notification rules — announced a $3.5 million settlement with Fresenius Medical Care North America to resolve several potential HIPAA violations. In 2013, Fresenius filed five…
Continue reading...

Google Glass v. HIPAA

It is too soon to tell how fast and how far the Google Glass trend will spread.  We have all signed the HIPAA disclosure forms and seen the cover page over the sign-in sheet that “keeps us from seeking the other patients’ name” at the doctor’s office. Will we soon be asked to check our Google Glass at the door?  Reportedly, the Google Glass only needs a line of sight to record images.  If that is true, then wearing the newest, coolest tech gadget could…
Continue reading...