Compliance & Legal

OrthoVirginia's chief information officer talks about the 18-month remediation process after a Ryuk ransomware incident and describes how a cybersecurity road map and training drove a more comprehensive cyber hygiene strategy.

The Federal Trade Commission proposes including more vendors of personal health records that access or send unsecured PHR-identifiable data in its rule governing health data sharing and unauthorized protected health information disclosure notifications.

The HIMSS Electronic Health Record Association says it has substantial concerns with regulatory deadlines and other stipulations in ONC's proposed interoperability and AI transparency rule.

QR codes designed to improve data transfer can entice healthcare data breaches. Sharat Potharaju of Beaconstac shares advice on how to safely bolster data security while providing patients the ease of mobile access.

Health data from wearable and implantable medical devices should be surrounded by stronger security, says Michelle Ramim, assistant professor of health informatics at Nova Southeastern University.

The complaint alleges the EHR provider failed to follow guidelines for protecting data after the company said compromised credentials enabled unauthorized access to the confidential information of more than 1 million people.

The agency says it is reviewing a deluge of comments on its February proposed rulemaking ending telehealth prescriptions for certain controlled substances. It's unclear how far this new extension will last beyond the end of the PHE.

Kaiser and Geisinger join to form Risant Health while eVisit acquires complementary digital engagement technology and Verisma merges with ScanSTAT.