Digital Journal | Medical Hosting Company Launches New Cloud-Based HIPAA-Compliant Hosting Solution Digital Journal DALLAS, TX, November 19, 2018 /24-7PressRelease/ -- Medical Web Experts LLC is announcing the release of MWE Cloud, a new HIPAA-compliant cloud hosting service that offers higher availability, better security, and more efficient development ... |
AMIA Calls for Harmonization of Data Privacy Policies – Healthcare Informatics
AMIA Calls for Harmonization of Data Privacy Policies Healthcare Informatics As the lines between consumer and clinical data systems continues to blur, there is a need to harmonize health sector data privacy policy, such as the Health Insurance Portability and Accountability Act (HIPAA) and consumer data policy to develop a new ... |
AMIA Calls for Federal Alignment of Health Data Privacy Policies – HealthITSecurity.com
HealthITSecurity.com | AMIA Calls for Federal Alignment of Health Data Privacy Policies HealthITSecurity.com In a letter to the National Telecommunications and Information Administration, AMIA officials explained that the patchwork of HIPAA policies have led to much confusion in the healthcare sector. The problem is the wide range of HIPAA interpretations ... |
2,393 Patients of Southwest Washington Regional Surgery Center Impacted by Phishing Attack
Southwest Washington Regional Surgery Center in Vancouver, WA, has suffered a phishing attack that has resulted in the exposure of 2,393 patients’ protected health information.
The breach was confined to a single email account and no evidence was uncovered to suggest any emails have been accessed or downloaded by the attacker. An extensive investigation was conducted with assistance provided by a third-party cybersecurity firm. The investigation concluded on September 25.
The investigation included a manual review of all emails in the compromised account to identify patients affected and the types of information that may have been compromised.
Southwest Washington Regional Surgery Center explained in its breach notice that the beach was limited to the following PHI elements: Names, driver’s license numbers, Social Security numbers, medical information, and for a limited number of patients, credit card numbers.
The investigation revealed the email account was compromised on May 27, 2018 and access remained possible until August 13, 2018.
Patients impacted by the breach were sent breach notification letters on November 6, 2018 and have been offered complimentary credit monitoring and identity theft restoration services for 12 months. Information has also been provided on the steps that should take to reduce the risk of identity theft and fraud.
The breach has prompted Southwest Washington Regional Surgery Center to enhance its email access protocols to prevent further successful phishing attacks, passwords were reset, and its password policy updated.
The post 2,393 Patients of Southwest Washington Regional Surgery Center Impacted by Phishing Attack appeared first on HIPAA Journal.
Feds curious whether HIPAA is impeding care coordination for SNFs – McKnight’s Long Term Care News
McKnight's Long Term Care News | Feds curious whether HIPAA is impeding care coordination for SNFs McKnight's Long Term Care News The Centers for Medicare & Medicaid Services is asking if patient privacy laws are preventing coordination among nursing homes and other providers. Officials from the agency submitted a proposed request for information to the White House Office of ... |
Do the HIPAA Rules Hamper Coordinated Patient Care? – GovInfoSecurity.com
GovInfoSecurity.com | Do the HIPAA Rules Hamper Coordinated Patient Care? GovInfoSecurity.com OCR will ask for feedback on whether HIPAA poses barriers in patient information sharing among hospitals, physicians, payers and patients. It will ask whether HIPAA imposes regulatory burdens that may impede the transformation to value-based healthcare ... |
AMIA calls for tighter coordination of data privacy rules – Healthcare IT News
Healthcare IT News | AMIA calls for tighter coordination of data privacy rules Healthcare IT News The American Medical Informatics Association is asking the Trump administration to take a close look at both HIPAA and the Common Rule to see how they might be updated or harmonized for a new era of privacy policy. Specifically, the AMIA wants a more ... |
HIPAA update inches closer to reality – Healthcare IT News
Healthcare IT News | HIPAA update inches closer to reality Healthcare IT News Federal regulatory efforts to upgrade HIPAA have taken a step toward reform. The Department of Health and Human Services' Office of Civil Rights (OCR) passed the HIPAA request for information (RFI) on to the Office of Management and Budget, appearing ... |
Congress Passes CISA Act Which Calls for New Cybersecurity Agency Within DHS
The U.S. Department of Homeland Security will be forming a new agency solely focused on cybersecurity following the passing of new legislation by Congress.
The Cybersecurity and Infrastructure Security Agency Act of 2018 (CISA Act) amends the Homeland Security Act of 2002 can calls for DHS to form a new Cybersecurity and Infrastructure Security Agency. The CISA Act was unanimously passed by the House of Representatives and just awaits the president’s signature.
The new agency will be formed through the reorganization of the National Protection and Programs Directorate (NPPD) and will have the same status as other DHS agencies such as the U.S. Secret Service.
The NPPD is already responsible for reducing and eliminating threats to U.S. critical physical and cyber infrastructure, with cybersecurity elements covered by the Office of Cybersecurity and Communications and the National Risk Management Center.
NPPD currently coordinates IT security initiatives with other entities, local, state, tribal and territorial governments and the private sector and oversees cybersecurity at federal government civilian agencies.
The new name better reflects the work NPPD does and emphasizes the importance of cybersecurity in securing the nation’s critical infrastructure. The new agency will consolidate information security and physical infrastructure security in a unified agency.
“The cyber threat landscape is constantly evolving, and we need to ensure we’re properly positioned to defend America’s infrastructure from threats digital and physical,” said DHS Secretary Kirstjen M. Nielsen. “It was time to reorganize and operationalize NPPD into the Cybersecurity and Infrastructure Security Agency.”
Having a single agency in charge of the nation’s cybersecurity will help the U.S. government address current security gaps. At present, each federal agency is responsible for its own IT systems and managing cyber risks. Regardless of size and budget, each government entity must ensure cyber risks are managed and reduced to a minimal level. There are also several government agencies that cover various cybersecurity functions, which is inefficient and results in security gaps.
“Elevating the cybersecurity mission within the Department of Homeland Security, streamlining our operations, and giving NPPD a name that reflects what it actually does will help better secure the nation’s critical infrastructure and cyber platforms,” said Christopher Krebs, current undersecretary of the NPPD. “The changes will also improve the Department’s ability to engage with industry and government stakeholders and recruit top cybersecurity talent.”
The post Congress Passes CISA Act Which Calls for New Cybersecurity Agency Within DHS appeared first on HIPAA Journal.