HeathCareInfoSecurity.com reported that “A Department of Health and Human Services division that administers funding, training and other services to children and families is putting sensitive data at high risk because of gaps in cloud security controls and practices, according to a watchdog agency report.”  The April 2, 2024 article entitled

Continue Reading Bad news! Poor Cloud Controls at HHS!

HealthInfoSecurity.com reported that “State regulators have fined a large New York academic medical center $300,000 to settle privacy violations related to the organization’s prior use of tracking tools in its websites and patient portal. Regulators said the hospital had violated HIPAA rules in sharing patient information with third parties for

Continue Reading NY Hospital Fined $300K for Web Tracker Use!

HealthcareInfoSecurity.com reported that “A consumer genetic testing company must ensure the destruction of customer saliva samples and undergo third-party evaluation of its information security program for the next two decades under a proposed consent order with the U.S. Federal Trade Commission.”  The June 16, 2023 article entitled “FTC Orders 1Health.io

Continue Reading FTC orders protection of DNA data privacy, what about OCR’s oversight?