On 9/30/2021, HHS Office for Civil Rights issues guidance on when HIPAA applies and does not apply to COVID-19 vaccine information. Generally, HIPAA applies to disclosures of protected health information by HIPAA covered entities and not to requests for such information by such entities or other businesses. Accordingly, HIPAA does not prohibit ...
Bi-partisan group of U.S. Senators release cyber incident notification bill that would require most entities in critical infrasture sectors to notify CISA within 24 hours of a ransomware attack and other cyber intrusions.
By: Courtney Samford, contributing author Blake Sims, Wyatt Summer Associate
Employers commonly supply computer and work devices to employees and state that the electronics may only be used for business related purposes, and employers have always had the ability to discipline employees who violate computer use policies through improper ...
The effective date for compliance with the Information Blocking Final Rule, a provision of the 21st Century Cures Act geared towards ensuring access, exchange and use of electronic health information (EHI) took effect on April 5, 2021. This article provides a quick summary of the rule and links to key information for health care providers who should ...
Congressional Bill H.R. 7898 signed into law on 1/5/2021 amends HIPAA's penalty standard for data breaches by mandating that HHS give favorable consideration to "recognized security practices" that the covered entity or business associate implemented.
FBI, HHS and CISA issue Joint Cybersecurity Advisory warning hospitals and health care community about coordinated ransomware attacks on hospitals designed to steal data and freeze hospital systems for financial gain.
U.S. Treasury Department issues ransomware advisories and warns financial institutions, cyber insurers and others involved in cyber incident response that paying the ransom to regain access to computers or files after an attack may be sanctionable conduct.
Effective January 1, 2021, practitioners who prescribe controlled substances to be dispensed in Kentucky must issue the prescription electronically directly to the pharmacy unless an exception applies.
The FTC reports an increase in COVID-19 related scams. The scams include phishing emails with fake termination notices and malicious links and fraudulent contact tracing emails with requests for money. Read this post with links to resources on protecting yourself and employees from Coronavirus-related cybercrime ...
Written by: Kathie McDonald-McClure
On Monday, July 13, 2020, the Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) issued a SAP cybersecurity alert, No. AA20-195A, regarding a critical vulnerability that an unauthenticated attacker could exploit through the Hypertext Transfer Protocol (HTTP) to take control ...