Security News

There are growing privacy concerns among Americans due to COVID-19 with nearly 70 percent citing they would likely sever healthcare provider ties if they found that their personal health data was unprotected, a CynergisTek survey reveals. "As healthcare systems and corporations continue to grapple with data challenges associated with COVID-19 - whether that's more sophisticated, targeted cyber-attacks or the new requirements around interoperability and data sharing, concerns around personal data and consumer awareness of privacy rights will only continue to grow," said Caleb Barlow, president and CEO of CynergisTek.

Contact-tracing applications require employers to collect all kinds of employee health data that they never had to worry about before - temperatures, health symptoms and travel history, for example - and they aren't sure how to use and protect this data in a way that balances health and safety with privacy. To help get you started on the right path, here is a 10-point plan for securing PII, including new employee health data collected through COVID-19 contact-tracing applications and other healthcare tracking systems.

UK government has published the contracts it holds with private tech firms and the NHS for the creation of a COVID-19 data store, just days after campaigners fired legal shots over a lack of transparency. Campaign groups Foxglove and openDemocracy, which brought the action, said that the documents show the tech firms were set to build data models for commercial purposes from NHS training data before being challenged.

Hacking incidents involving email appear to be the most common type of major health data breach being reported to federal regulators so far in 2020. A snapshot Wednesday of the Department of Health and Human Services' HIPAA Breach Reporting Tool shows that so far in 2020, 38 health data breaches affecting a total of about 1.1 million individuals have been added to the official tally.

Under HIPAA, covered entities are required to report breaches impacting protected health information within 60 days of discovering the breach. In its breach notification statement, PIH Health says that on June 18, 2019, it learned that certain PIH Health employee email accounts had potentially been accessed without authorization as a result of a targeted phishing campaign.

Patients and consumers deserve better access to personalized, actionable health care information to empower them to make better, more informed decisions - but it should not drive up health care costs or compromise the privacy of their personal health data, according to a poll of patients and consumers from Morning Consult and America's Health Insurance Plans. A strong majority of patients want their data and privacy protected more than ever, even if it means foregoing easier health data access.

While Congress is unlikely to pass major new national cybersecurity legislation in an election year, federal regulators and state attorneys general will be busy addressing evolving health data...

What's Inside Appropriations Bill for HHS Efforts?As the year wraps up, regulators and legislators have been busy tying up some "loose ends" related to health data security and privacy before the...

What are some of the most important health data privacy and security regulatory developments to watch in 2020? Privacy attorney Kirk Nahra of the law firm WilmerHale discusses what he sees as the...

Crossix announced it has added several new data partners and sources as the company continues to expand its network of connected health data. Additional Rx and medical claims data will allow an...