I received this notice of an educational webinar titled “The State of U.S. Healthcare Privacy – Survey Results and Expert Perspectives”, featuring Deven McGraw, Director of the Privacy Project at the Center for Democracy and Technology (full bio), and John Houston, Vice President; Information Security and Privacy; Assistant Counsel at the University of Pittsburgh Medical Center (full…
Category: Uncategorized
Companies have just months to replace old wireless payments systems
Retailers and caterers have just six months to replace old systems if they are to continue to use wireless card payment technology. The industry payment security body might revoke the right to process cards for companies that do not upgrade their technology. The Payment Card Industry (PCI)’s Data Security Standard (DSS) is the set of…
Nevada and New Hampshire Data Security and Privacy Laws Take Effect
Hunton & Williams LLP write: On January 1, 2010, two important state data security and privacy laws took effect in Nevada and New Hampshire. The laws create new obligations for most companies that do business in Nevada and for health care providers and business associates in New Hampshire. […] The new law in New Hampshire…
VA, Kaiser Permanente launch e-health records exchange
Lucas Mearian reports: In a first-of-its-kind public-private partnership, health-care network giant Kaiser Permanente and the U.S. Department of Veterans Affairs today unveiled a pilot program they’ve been using to share patient electronic health records over the past several months. The program connects the VA’s VistA (Veterans Affairs Health Information Systems and Technology Architecture) and Kaiser…
World Privacy Forum files comments with Department of Labor regarding genetic regulations
The World Privacy Forum filed comments this week with the Department of Labor requesting that the department expand its protections of how genetic information may be used by health insurance companies or group health plans. The comments were in response to the interim final rules implementing sections 101 through 103 of the Genetic Information Nondiscrimination…
More on the HITECH-mandated breach reports on HHS
Several weeks ago, I initiated an inquiry about the breach reports that I expected to see on HHS’s web site. Under the new HITECH Act provisions, covered entities experiencing breaches involving the unsecured PHI of 500 or more patients are required to report the incident to HHS – if the incident meets the “harm threshold”…