...Under the Final Rule, the OCR has the power to domestically deal out civil penalties, corrective actions and long-term monitoring, while the DOJ has the power to domestically deliver a criminal prosecution. Through enforcement under HITECH, the State attorneys general [...]
The only difference in healthcare is that the large breaches have not gotten the sensational, but appropriate coverage credit card breaches have gotten.
Three other interesting quotes:
1. As health data becomes increasingly digital and the use of electronic health records booms, thieves see patient records in a vulnerable health care system as attractive bait, according to experts interviewed by POLITICO. On the black market, a full identity profile contained in a single record can bring as much as $500.
2. “Criminal elements will go where the money is,” said Wah, who was the first
Kevin is a featured writer for TechTarget. Here is is latest column: _________________________________________________________ A few months ago, I wrote an article about the practice of non-attorneys consulting on HIPAA business associate agreements. After talking with scores of people about the [...]
Here is a controversial article written recently by Kevin McDonald for TechTarget. ------------------------------------------------------------------------------------------------------------------------------------- Under federal law, the Health Information Portability and Accountability Act (HIPAA) Privacy Rule extends to a class of business entities (i.e., health plans, health care clearinghouses and [...]
I am curious what Dye’s definition is for "cyber-attack?" One this is for sure, the motivation of hackers and malware has changed dramatically over the years. The threats are new and different today. Going back in history most malware was related to someone wanting cyber fame, making a political statement or just plain mischievousness. Now with the advent of ransomware, spam mailing bots and
1. Where should small businesses start with disaster recovery, whether or not they already have a DR plan in place? What is the first question the small business owner needs to ask?
I recommend starting with determining RTO and RPO. If the small business owner starts here he or she will be off to a good start with the DR plan. What are RTO and RPO?
• RTO – Recovery Time Objective, the time between the disaster and when the system has been made operational again. Why is this important? Different businesses have different costs associated with
As many security solution providers struggle to find compliance opportunities, there is a great opportunity in supporting compliance with the Health Insurance Portability and Accountability Act (HIPAA).Even though the comprehensive laws intended to protect patient and health care data are [...]
1. Key IT constituencies are expressing dissatisfaction
2. Shadow IT is growing
3. Your IT strategy has diverged from the company strategy
Recent changes to HIPAA and HITECH opened up significant new opportunities for security solution providers who can shoulder the risks and get themselves educated on these regulations. As this HIPAA security checklist of services, below, shows, there are 10 specific [...]
Many VARs are looking to profit from health care-related cloud storage services. But with profit comes responsibility. Whether you build your own or offer another’s service, the U.S. Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for [...]
Skip to content
