You are here

Privacy & Security


Siemens and eight partners to sign a joint charter to improve cybersecurity, identifying 10 action areas where governments and business could engage in the growth of security.

Medical devices, including cardioverter defibrillators and pacemakers, could be at risk to hacking and potential cause life-threatening events, according to a study published online Feb. 20 in the Journal of the American College of Cardiology.

Out of all types of healthcare providers, hospitals accounted for one-third of all data breaches and affected the largest number of individuals compared to doctors, nurses and social workers, according to a study published in The American Journal of Managed Care.

A receiver for Filefax has agreed to pay $100,000 from its liquidated estate to the HHS Office for Civil Rights (OCR) after being found in violation of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule.

At least 50 percent of physicians are scored in the “risk” category, meaning their actions put their organization at risk for a serious privacy or security incident, according to the 2017 State of Privacy and Security Awareness Report.


Recent Headlines

Healthcare data breaches more expensive than other industries

Healthcare organizations will pay more per lost or stolen record when their data is breached, according to a new study by IBM and the Ponemon Institute.

Unauthorized access blamed in more 2016 data breaches than hacking

The leading cause of healthcare data breaches so far this year is unauthorized access or disclosure, not hacking, according to data compiled by HHS’ Office of Civil Rights (OCR).

ACLU: Myriad Genetics kept data from breast cancer patients

The American Civil Liberties Union has filed a complaint on behalf of breast cancer patients who claim Utah-based Myriad Genetics violated HIPAA law by refusing to turn over the patient’s own genetic data.

Two heavy hitters slug it out over MU’s role in breaches

Meaningful Use may not have launched the hacker express into healthcare, but it surely seems to have greased the rails. 

OCR: Cybersecurity needs to be a priority

Federal regulators urged healthcare organizations to have plans in place to deal with security issues such as data breaches involving patient and business information.

Hospital faces criticism for filming surgeries

In stepping up its surveillance after anesthesia drugs started going missing, Sharp Grossmont Hospital filmed women undergoing surgery without their permission.

Brookings report asks OCR to share data breach findings

Interviewees felt the Office of Civil Rights’ process should be more about finding ways to prevent future breaches than punishing hacked organizations.

Bill would establish CISO role for HHS

House Energy and Commerce Committee members Congresswoman Doris Matsui (D-Calif.) and Congressman Billy Long (R-Mo.) introduced the HHS Data Protection Act which would establish the Office of the Chief Information Security Officer (CISO) within the Department of Health and Human Services (HHS) and elevate the position out from under the CIO.

Calif. legislation addresses ransomware in healthcare

California is leading the charge for healthcare cybersecurity by passing legislation that outlaws ransomware and specifies how the crime should be prosecuted.

Stolen mail truck impacts 2,400 Kaiser Permanente members

The theft of a mail truck carrying protected health information is the source of a data breach affecting 2,400 members of Oakland, Calif.-based Kaiser Permanente.