Government, HIPAA/HITECH, Industry Specific U.S. Agencies Challenge DEI Initiatives While Enforcing HIPAA Regulations Marianne Kolbasuk McGee ( HealthInfoSec) • March 11, 2025 The Office for Civil Rights at the Department of Health and Human Services, responsible for enforcing HIPAA, has launched inquiries into several medical institutions related to their DEI…
State Privacy Laws Impacting AI and Machine Learning in Healthcare In a recent discussion at the HIMSS 2025 conference in Las Vegas, regulatory attorney Adam Greene from the law firm Davis Wright Tremaine highlighted the implications of state privacy regulations on the use of consumer data in artificial intelligence (AI)…
Cybersecurity Risks Ramp Up Amid Geopolitical Tensions and Regulatory Changes As organizations grapple with the challenges posed by geopolitical tensions, uncertain supply chains, and rapidly evolving regulatory landscapes, the urgency for robust risk management programs has surged. Companies are increasingly focusing on mitigating risks associated with their business relationships as…
A new privacy law in New York is set to significantly complicate the processing and sharing of health information across various organizations, pending the governor’s approval. Regulatory attorney Angie Matney has highlighted the implications of the New York Health Information Privacy Act (HIPA), which was passed by the state’s legislature…
Data Breaches Reported by Central New York Cardiology and Park Place Pediatric Dentistry Recent reports have revealed significant data breaches at Central New York Cardiology and Park Place Pediatric Dentistry, raising alarms within the healthcare sector. These incidents underscore the escalating risks that organizations face in safeguarding sensitive patient information.…
Established in 1996, the Health Insurance Portability and Accountability Act (HIPAA) has served as the benchmark for U.S. healthcare providers, health organizations, and entities handling health data to safeguard the privacy and security of electronic public health information (ePHI). It also stipulates penalties for non-compliance. In January 2025, the U.S.…
In a recent discussion, regulatory attorney Betsy Hodge of Akerman LLP emphasized the imperative for healthcare providers utilizing telehealth and remote patient monitoring services to integrate these systems into their comprehensive enterprise risk management frameworks. With the expansion of telehealth services, she noted the critical need for organizations to develop…
Cybersecurity Breaches in Healthcare: A Year of Alarming Data Compromises In February 2024, Change Healthcare publicly disclosed a significant cybersecurity breach, marking it as the largest healthcare data breach reported to federal regulators. Initially, the extent of this breach was not fully recognized, but it soon became clear that the…
States Address Cybersecurity Gaps Amid Regulatory Changes As the Trump administration signals a reduction in federal regulations, states are poised to take on a more prominent role in addressing cybersecurity within the healthcare sector. Attorney Amy Magnano from the Morgan Lewis law firm predicts that states will introduce new cyber…
