The first major update to HIPAA in more than a decade will eliminate the distinction between “required” and “addressable” safeguards, making key cybersecurity and physical security measures mandatory for all healthcare providers. This shift will expose gaps in hospitals’ fragmented security systems, though, according to Kumar Sokka, CEO of cybersecurity platform Acre Security.

The post Why Some Hospitals Won’t Be Able to Comply With Upcoming HIPAA Updates appeared first on MedCity News.

As legal and compliance professionals, we champion privacy and cybersecurity in our organizations — but success requires a team effort.

The post The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals appeared first on MedCity News.

Healthcare AI in the U.S. has progressed to a point where traditional, HIPAA-style compliance alone is no longer adequate. The next phase of regulation and market expectation will require continuous, medical-grade AI governance, and companies that don’t adapt now will be left behind.

The post HIPAA Was Built for an Analog Era, Healthcare AI Has Outgrown It appeared first on MedCity News.

If leading hospitals are using these AI tools, and the companies mention HIPAA compliance on their websites, are the consumer AI health tools also regulated by HIPAA? Do consumers share a similar relationship with these companies as healthcare organizations do?

The post Privacy Expectations in Consumer AI Tools: How Patient Use of ChatGPT Health and Claude Differs From HIPAA-Regulated Care appeared first on MedCity News.

[Sponsored] Discover where you can find HIPAA-compliant software for med spas.

The post Med Spa Technology: Leading Providers of HIPAA-Compliant Software appeared first on MedCity News.

How can healthcare providers contend with a regulatory environment that has never been more fragmented? Here are three lessons on why privacy is your competitive advantage.

The post Privacy Rules Are Tightening, Again. Here’s How Your Healthcare Marketing Can Embrace Compliance to Thrive appeared first on MedCity News.

As manufacturers play an active role in the patients’ healthcare journey, the boundaries between manufacturers and healthcare providers/payers are becoming increasingly blurry.

The post It Is Time For The Life Sciences Industry To Rethink Its Relationship with HIPAA appeared first on MedCity News.

As healthcare continues to become more and more dependent on third-party vendor services, provider and technology entities must remain focused on the risks that their vendors present.

The post “Here, There and Everywhere”: Vendor Risks in the Health Care Sector appeared first on MedCity News.

Across the U.S., nearly 700 rural hospitals are at risk of closure. When they shut down, the impacts cascade: broken continuity, delayed care, and increased cyber risk in every new system a patient must navigate.

The post The Hidden Fallout of Rural Hospital Closures: Patient Care Suffers – and So Does Data Security appeared first on MedCity News.

From mobile documentation to emergency handoffs, EMS providers handle sensitive patient information in fast-moving environments. Understanding how HIPAA applies — and how to comply — can improve care, reduce risk, and build systemwide trust.

The post Why HIPAA Compliance Is Both a Challenge and Opportunity for EMS Providers  appeared first on MedCity News.

The bottom line is that while recognizing there is an issue is vital, too many healthcare organizations are counting on solutions that cannot and will not provide a sufficient line of defense.

The post HIPAA’s Blind Spot: It’s Time to Address Client-Side Attacks appeared first on MedCity News.

If the guidelines for data sharing are not adhered to by providers, then all the work that has gone into revising this regulation will have been for nothing. But the road to compliance doesn’t have to be overwhelming. Here are three essential steps for healthcare leaders in navigating the soon-to-be Part 2 landscape.

The post Putting Part 2’s Data Privacy Protections into Play: 3 Key Considerations appeared first on MedCity News.

HHS is proposing major changes to HIPAA for the first time in more than a decade, aiming to strengthen cybersecurity protocols for electronic health data. Healthcare cybersecurity leaders are mainly in favor of the proposal — though there are some concerns that smaller providers will struggle with the financial and operational burdens of compliance.

The post HHS’ Proposed HIPAA Changes Are a Step in the Right Direction, But Some Providers May Struggle to Comply appeared first on MedCity News.

Implementing a thorough federal privacy law and broadening HIPAA protections to include new mHealth technologies are crucial steps in enhancing personal data security. Equally important, companies and developers should adhere to strict ethical standards and robust security protocols during app development to protect users’ sensitive information.

The post Mental Health Data Sells, But Who’s Buying? appeared first on MedCity News.

Two chief information security officers offer some advice at a cybersecurity panel at HLTH.

The post How To Spot Deepfakes and Other Cybersecurity Panel Takeaways from HLTH appeared first on MedCity News.

Profound opportunities and challenges are playing out at the intersection of the two.

The post Policy Innovation Is Outpacing Technology at the Intersection of Health Care and Human Services appeared first on MedCity News.

The availability of innovative technologies affords us the opportunity to chart a more patient-centric, efficient, and secure path to managing and leveraging PHI.

The post Protecting Health Data Without Harming Patients: Overcoming the Barriers That Limit Our Access to Our Personal Health Information appeared first on MedCity News.

RPM has ushered in a new era of healthcare. However, navigating the complexities and challenges of this landscape requires a thoughtful QA strategy.

The post Remote Patient Monitoring: Pioneering Healthcare Through Quality Assurance appeared first on MedCity News.

To prevent the proliferation of data security incidents in the healthcare industry, providers must examine their use of legacy systems as well as their reliance on third parties, according to a new report. It pointed out that most providers fail to probe their third-party partners’ cybersecurity measures, and many continue to use legacy systems that are no longer supported by vendors or are hard to patch and update.

The post How Can Providers Avoid Data Breaches? appeared first on MedCity News.

[Sponsored] Organizations across most industries, especially the technology sector, have adopted Multi-Factor Authentication (MFA) to fortify their security measures. 

The post Strengthening Security: The Importance of Multi-Factor Authentication in Healthcare appeared first on MedCity News.

Here are three considerations for ways HIPAA can navigate the intersection between personalization and data privacy while meeting regulatory requirements.

The post How healthcare organizations can find a balance between personalization, data privacy and HIPAA compliance appeared first on MedCity News.

Digital health will alter HIPAA compliance – one of five predictions in this article about what the future portends in healthcare.

The post Digital health predictions for 2022: Assessing the future of consumer-based data integration appeared first on MedCity News.

Patients expect their healthcare providers to meet compliance regulations and keep their valuable information safe. Though, if you are HIPAA compliant, it doesn’t necessarily mean your data is secure. This article discusses the details of proper email security when it comes to HIPAA compliance.

The post Healthcare organizations remain at risk despite proper HIPAA compliance appeared first on MedCity News.

For HIPAA to remain relevant for the next 25 years, policymakers and healthcare providers will need to remain agile and alert; this groundbreaking legislation will only be effective for as long as it keeps pace with the newest technologies and security challenges.

The post 25 years of HIPAA: How the groundbreaking statute has kept pace with technology appeared first on MedCity News.

A mass email sent to hundreds of One Medical users exposed their email addresses. One Medical has stated it was not the result of a security breach.

The post Oops: Hundreds of One Medical patients’ emails exposed appeared first on MedCity News.

The government’s proposed changes to HIPAA aim to provide guardrails against data breaches and misuse, but some of the modifications may not work as intended. Three healthcare experts delved into the ways in which certain proposals could provide inappropriate access to health data during a recent panel discussion.

The post Some proposed HIPAA changes could inadvertently expose the data it’s supposed to protect appeared first on MedCity News.

Despite a 20-year head start, providers still fall short of HIPAA requirements around fulfilling patient requests for their medical records. In light of the federal information blocking rules, providers should first examine their compliance with HIPAA and then address the new demands imposed by the recently enacted regulations.

The post Compliance with HIPAA may offer some clues on how providers will fare with new info blocking rules appeared first on MedCity News.

The HHS’ new interoperability and information blocking rules have been in effect for one week, yet how they will be enforced is unclear. But there are some clues that could provide a glimpse into what the enforcement landscape might look like, and the best thing providers and IT developers can do is be proactive, experts say.

The post Enforcement landscape for HHS data-sharing rules is hazy, experts say appeared first on MedCity News.

Nadine Peters, chief legal officer of COTA, shares her journey to leadership in health data privacy law and policy recommendations for the Biden Administration on achieving health equity through data use and education.

The post Using data for anti-racist medical research: An interview with COTA’s chief legal officer appeared first on MedCity News.

If HIPAA does not apply to Amazon Care, then absent another privacy regulation applying, avoiding exploitation of the data relies on the good faith of the entity operating the service.

The post Amazon Care and privacy: A host of unknowns appeared first on MedCity News.