Thursday, July 31, 2014

FCC Launches Mobile Privacy, Security Inquiry to ‘Refresh Record’ on Industry Practices

The Federal Communications Commission has launched a new inquiry to examine the privacy and data security practices of mobile service providers in light of technologies and business practices that have emerged since a related 2007 proceeding.

In First Action Stemming from HIPAA Breach Notice Rule, Tennessee BlueCross BlueShield Agrees to Pay $1.5 Million

RALEIGH, N.C.—BlueCross BlueShield of Tennessee (BCBST) agreed to pay $1.5 million and institute a corrective action plan to resolve Department of Health and Human Services claims of insufficient protection of personal health information in the first enforcement action stemming from the Health Information Technology for Economic and Clinical Health Act’s Breach Notification Rule, HHS announced March 13.

Office of Management and Budget Issues New Cloud Data Security Policy To Support Service Provider Approval System

The Office of Management and Budget issued a policy memorandum on cloud computing vendor data security authorization to support an acquisition program designed to allow federal agencies to more quickly transition to cloud computing services…

BNA INSIGHTS: Electronic Health Records Data and Secondary Use Research

An electronic health record (EHR) captures health data for treatment at the point of care but can also serve an important role for quality reporting, surveillance, and research…

BNA INSIGHTS: The Securities and Exchange Commission’s Guidance On Cybersecurity and Cyber Incident Disclosure

The U.S. Securities and Exchange Commission on occasion provides disclosure guidance on topics of interest to the business and investment communities. The SEC said recently that it has observed “an increased level of attention focused on cyberattacks.”…

BNA INSIGHTS: Contracting for Payment Card Industry Data Security Standard Compliance in the Cloud

As merchants move to reap the functional and operational benefits of virtualized environments, compliance with the Payment Card Industry Data Security Standard (PCI DSS) is becoming increasingly complicated, yet all the more essential to the protection of cardholder data…

BNA INSIGHTS: High-Profile Breaches Spur Congressional Activity on Privacy, Data Security Policy

With a Republican-controlled House opposite a Democratic-controlled Senate, and presidential and congressional elections looming in less than sixteen months, few proposals of significance are capable of advancing to become law…

BNA INSIGHTS: The Proliferation of Mobile Devices and Apps for Health Care: Promises and Risks

The popularity of smartphones like the Droid and iPhone as well as tablet devices such as the iPad means that people are able to accomplish many things without physically sitting in front of a computer or even being in the office…

OCR Proposes HIPAA Privacy Rule Revisions On Disclosures Accounting, Access Reporting

A recently published health data privacy proposed rule goes beyond legal requirements and would be burdensome for the health care industry by creating two separate new rights for individuals—one allowing requests for a full accounting of access to their electronic or paper protected health information, and a second allowing requests for information about who has accessed their PHI in electronic form…

BNA INSIGHTS: Advice to Hospitals and Physician Practices: Protecting Your Data in an Uncertain HIT World

HIT Vendors:
Until the long-term prospects of health information technology vendors become more predictable, it is likely that a customer entering into a contract today with one HIT vendor will not be working with that same vendor in a decade or less. The author highlights a few steps health care providers can take to ensure that, however the relationship with the vendor ends, the customer’s interests, and data, will be protected…

Next Page »