Compliance & Legal

The Indiana provider says pixels used to collect information about website users may have transferred certain types of patient information since 2017.

The agency issued a bulletin clarifying that a notice of pixel use does not permit PHI disclosure, and when HIPAA-compliant authorizations for pixels are required.

Anita Allen, professor of law and philosophy at the University of Pennsylvania, says "data sharing is the new health ethic," in a preview of her keynote address at the HIMSS Healthcare Cybersecurity Forum.

There are still a lot of misconceptions about the ONC rule and its requirements, says Joerg Schwarz, senior director for healthcare interoperability strategy at Infor, who offers some tips for provider organizations.

Perspective on minimizing the risks of third-party information sharing from Odia Kagan, partner and chair of GDPR compliance and international privacy for Fox Rothschild LLP.

The former employee's access to patient data and health information was outside the scope of their job functions and was without a reasonable basis, the health plan says.

The agency's first coordinated action against individuals using business email compromise and money laundering schemes to target healthcare payers uncovered $11.1 million diverted from Medicare, Medicaid programs, private health insurers and others.

The merged capabilities will create a more robust nonprofit compliance and risk-management partner focused on increasing trust in and accreditation programs for healthcare organizations.

Assessing how to counter growing threats and attacks.

Oscar Miranda, chief technology officer for healthcare at Armis, notes that regulations are defined baselines yet security goals often exceed them, and the disconnect is a common theme in healthcare.