OCR Releases Guidance for HIPAA-Covered Entities to Follow FTC Regulations When Sharing Patient Data
HIPAA-covered entities that share consumer health information also need to comply with regulations under the FTC Act when sharing information for commercial, non-treatment-related purposes, according to newly released guidance from OCR.
Despite the minimal impact of this particular attack, in which cybercriminals flood an organization’s servers with data—including data from Internet of Things-connected devices—healthcare security experts warned that many health IT systems are vulnerable to future threats.
The breach of Olympic athletes’ medical records by Russian hackers this week again demonstrates the vulnerability of protected health information and the extent to which it is viewed as a target by criminals.
Federal health privacy officials issued an alert last week saying that, starting this August, they are allocating more resources to an initiative aimed at investigating health data breaches affecting 500 patients or fewer.
The healthcare industry should respond to patient privacy breaches the same way the credit card and banking industries react when security incidents occur in those industries, one writer suggests.
Seeking to answer consumer questions on how HIPAA works for them, the Journal speaks with an attorney to explore various issues, from accessing the records of the deceased to processing fee payment.