Authored by: Camille Ley, Senior Privacy Consultant and Lindsay Farbent, Privacy Consultant
If you are like many businesses that have implemented solutions to honor consumer do not sell/share requests in accordance with U.S. state privacy laws, you have likely placed a...
RISK
Implementation Notes: CPRA Draft Regulations and the Impact on Third-Party Agreements
The latest draft of CPRA regulations (released on November 3, 2022) includes new requirements for agreements with service providers, contractors, and third parties that retain, use, or disclose Personal Information (“PI”). The draft regs specify that agreements must:...
HIPAA Breach Notifications 2020: Analysis, Observations and Recommendations
Health Information Security/Privacy professionals should be familiar with the HIPAA Breach Notification Rule, which requires HIPAA covered entities (CEs) and their business associates (BAs) to provide notification to U.S. Department …
Next time you do a Risk Assessment or Analysis, make sure you have Risk Intelligence on board
I was prompted to write this quick post this morning when I read this article. I think it is a good example of what some (actually many, in my experience) …
How can Infosec GRC Deliver Wins in Risk Management?
Information security (infosec) risk management can often seem overwhelming and hard. Organizations can spend considerable resources on infosec programs or solutions, yet they may have challenges in implementing commensurate and demonstrable …
Is your auditor or consultant anything like the OPM OIG?
The OPM breach has been deservedly in the news for over a month now. Much has been written and said about it across the mainstream media and the internet. …
No, Security Privacy Is Not A Hindrance To TeleHealth Adoption
Since I follow the telehealth space rather closely from a security/privacy perspective, I was drawn yesterday to this article titled “How Health Privacy Regulations Hinder Telehealth Adoption”. From my experience, …
This is how the Anthem breach could have been stopped, perhaps
It has been just over a week since the Anthem breach was made public. Over this period, the mainstream media and many of the bloggers and commentators, as usual, have …
Docs turn up the heat on ONC! Security Commentary
HealthcareITNews reported yesterday on this letter that was written by several physician organizations to the ONC. I wanted to write a couple of quick thoughts on the security aspects raised …