News

What should healthcare organizations know about complying with the breach notification and data security requirements of New York's SHIELD Act? And how does the new law compare with HIPAA? Jon Moore, chief risk officer at consulting firm Clearwater, explains.

Servers appear to be the Achilles heel of healthcare organizations’ data protection efforts. About 54 percent of all individuals affected by an information breach of a healthcare organizations were impacted by a breach involving that organization’s server, according to data on the breach portal of the Department of Health and Human Services’ Office for Civil Rights, culling security incidents from June 1, 2018, to May 31, 2019. A report this summer from Clearwater’s CyberIntelligence Institute says that, of the breaches in the previous 12 months, 90 healthcare breaches affecting more than 9 million individuals, were related to servers in some way.

Cyber risk management is not an “IT problem”; it is an enterprise risk management matter that can be harnessed ...

Reporting requirements of New York’s SHIELD Act go into effect on October 23; healthcare organizations that ...

Developed with industry leaders like Clearwater Compliance, Symantec, and others, new NIST guidance and a proposed ...

Efforts by the federal Office of Civil Rights to investigate data breaches at healthcare organizations are of great concern to security and compliance officers at healthcare organizations.

Jon Moore, Chief Risk Officer at Clearwater Compliance LLC, based in Nashville, Tennessee, said the survey essentially reflected what he sees in the industry.

Although the healthcare industry has been notoriously resistant to change, its transformation at the hands of digitization has recently picked up pace.

Olean Medical Group CEO Christine Strade received a text June 11 telling her the group’s electronic medical record system was down. That’s how she learned her company had been cyber-attacked.