Search Results
The default setting for search results displays All Content. If you prefer to see recent content only, please adjust the date filter.
Filter your results:
Types
Topics
7 Results Found
Senate holds hearing on health care cybersecurity and patient privacy
In a statement submitted to the Senate Health, Education, Labor and Pensions Committee for a hearing July 9 on health care cybersecurity and patient privacy, the AHA said the highest cyber risk for patient data is often through third-party service and software providers. The AHA encouraged Congress to use federal agencies and resources to protect hospitals and health systems, especially in rural areas.
NIST updates HIPAA cybersecurity resource guide
The National Institute of Standards and Technology this week released updated guidance to help HIPAA-covered entities and business associates assess and manage cybersecurity risks to electronic protected health information and comply with the HIPAA security rule.
OCR launches webpage with HIPAA FAQs on Change Healthcare cyberattack
The Department of Health and Human Services’ Office for Civil Rights April 19 launched a webpage answering HIPAA-related FAQs about the Change Healthcare cyberattack.
In wake of cyberattack, OCR investigating Change Healthcare compliance with HIPAA rules
The Department of Health and Human Services’ Office for Civil Rights is initiating an investigation into the Change Healthcare cyberattack, the agency announced March 13in a “Dear Colleague” letter.
HHS says hospitals impacted by Change Healthcare cyberattack can delegate breach notifications to UnitedHealth Group
The Department of Health and Human Services May 31 announced that hospitals and health systems can require UnitedHealth Group to notify patients if their data was stolen during the Change Healthcare cyberattack Feb. 22.
CISA releases proposed rule on cyber incident reporting
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency March 27 released a proposed rule implementing cyber incident and ransom payment reporting requirements under the Cyber Incident Reporting for Critical Infrastructure Act of 2022, intended to help the agency prevent cyberattacks and deploy assistance to victims.
AHA to court: Revised OCR bulletin on online tracking technologies still unlawful
The Department of Health and Human Services’ revised “bulletin” for HIPAA covered entities and business associates using online tracking technologies only confirms that the original bulletin was “substantively and procedurally unlawful,” AHA April 11 told a federal court hearing its challenge to a bulletin issued by HHS’ Office for Civil Rights that restricts health care providers from using standard third-party web technologies that capture IP addresses on portions of their public-facing webpages.