Compliance & Legal

As new cyber risks emerge, strategies evolving but basic principles still apply
By Mike Miliard 07:00 am August 02, 2019
BlueKeep? Dridex? A state of emergency in Louisiana? Healthcare security pros find themselves living in interesting times. But with new threats emerging each day – and old ones, like phishing, not going away – some tried and true lessons are still useful.
By Jeff Lagasse 07:07 am July 30, 2019
The fine is the largest ever imposed on any company for violating consumers' privacy, according to the FTC.
By Mike Miliard and Bill Siwicki 02:52 pm July 26, 2019
Companies have upped their games in recent years, bolstering their technical infrastructure and jumping through regulatory hoops to prove they have the wherewithal to handle PHI. Providers have taken notice, and are embracing the cloud in big ways.
How one tribal health center boosted training compliance to 99.98%

One of Sault Tribe Health Division's eight health clinics.

By Bill Siwicki 01:11 pm July 24, 2019
Sault Tribe Health Division also uses its specialized IT system to manage digital incident reporting and credentialing management.
PillPack website screenshot.
By Jeff Lagasse 01:24 pm July 22, 2019
Surescripts is seeking to cut off PillPack's access to patient data, and the latter, an Amazon-owned company, isn't taking the matter lightly.
Surescripts files motion to dismiss FTC antitrust charge
By Mike Miliard 12:56 pm July 15, 2019
The e-prescribing giant says the Federal Trade Commission's complaint shouldn't be reviewed in federal court because it relies on several factual errors.
Hospitals are paying for not vetting their vendors
By Benjamin Harris 12:36 pm July 11, 2019
More than half of hospitals say they've had one or more data breaches caused by third-party vendors in the past two years, with an average cost of $2.9 million per incident – but too many are still failing to do adequate risk assessments.
By Nathan Eddy 04:03 pm July 01, 2019
Google, the University of Chicago Medical Center and University of Chicago are listed as defendants in a class action suit that alleges they failed to properly de-identify sensitive patient medical data.

Dr. Suzanne Schwartz, FDA's deputy director of the Office of Strategic Partnerships and Technology Innovation, says all device manufacturers should "monitor and assess cybersecurity vulnerability risk, and to be proactive about disclosing vulnerabilities."

By Benjamin Harris 02:24 pm July 01, 2019
The agency warns that older MiniMed devices – which have been recalled by Medtronic – could be hacked and remotely controlled, adding to the list of cyber concerns for IoT devices.
By Jeff Lagasse 11:39 am June 28, 2019
More than 70% of Virginia hospitals that garnish wages are nonprofit, and the money collected is only a tiny percentage of revenue.

Most Read

The Daily Brief Newsletter