The American Recovery and Reinvestment Act of 2009 (aka the stimulus package) included funds to both implement electronic health records and rules to specifically improve personal health information breach notification rules. It’s ironic, then, that the rush to digitize personal health information...
The Federal Trade Commission (FTC) has released the final rules concerning breach notifications for Personal Health Information (PHI) that were required under the American Recovery and Reinvestment Act of 2009 which was passed in February (otherwise known as the stimulus package). The Department of Health...
I've been thinking a bit more about the personal health information extortion attempt that's been in the news recently, and which Ken Swinney mentioned in his Keep the snakes at bay post yesterday. If you haven't been following the story, the gist is that a state agency responsible for identifying...
Recently, a state agency announced that their site had been compromised by computer hackers. The attackers left a ransom note on the web site claiming that they had captured 8.3 million patient records and 35.6 million prescriptions. The attackers also claimed to have created a password-protected, encrypted...
Under the American Recovery and Reinvestment Act of 2009 passed in February (otherwise known as the stimulus package), the Department of Health and Human Services (HHS), in consultation with the Federal Trade Commission (FTC), must issue rules requiring vendors of personal health records and related...
I read an interesting article tonight, on my flight out to Washington, DC for the CSI Conference (where I hope to meet some of you... ping me if you're here and I haven't talked to you yet). This article, titled " The Coming HIPAAcalypse ", presented a very grim view of compliance with...