HIPAA

Compliance by Design

By Kishore Pendyala – Compliance by design has emerged as a defining advantage for AI‑driven healthcare IT startups, reshaping how they earn trust and compete in a rapidly shifting regulatory landscape. As CMS and ONC continue to refine expectations around data privacy, interoperability, algorithmic transparency, and patient rights, startups that embed…

Painful, But Notice Mandatory

By Matt Fisher – Revealing a data breach can be a hard action for an organization to take. The ongoing stream of notifications still generates attention, which is typically not positive when a security breakdown is revealed. At the same time, the notification is (or should be) unavoidable since the HIPAA breach notification rule is clear about what action is necessary.

Shadow IT: Healthcare’s $10 Billion Compliance Blind Spot

By Frank Zamani – A physician needed to share large imaging files with a specialist. The hospital’s file transfer system was too slow, so she used Dropbox instead. Three months later, a compliance audit revealed PHI for 2,400 patients had been stored on an unauthorized platform, no encryption, no access controls, no business associate agreement. The potential HIPAA penalties: up to $1.7 million.

Free the Data

By Matt Fisher – Access to data and the enablement of data flow are significant issues and concerns within healthcare. In particular, individuals often have a hard time getting to their own data. Those difficulties exist even with different regulations in place designed to promote and require access to data.


A New Era, Few Guardrails: Strategies for Healthcare Leaders to Mitigate AI Risks Today

By Andrew Mahler – Imagine a large health system implementing an advanced AI-powered imaging tool designed to assist radiologists in identifying abnormalities in chest CT scans. The AI vendor’s marketing materials include data demonstrating faster turnaround times and reduced error rates, promising enhanced efficiency and accuracy.


Do Your Risk Analysis

By Matt Fisher – The drumbeat of settlement agreements for alleged HIPAA violations by the Office for Civil Rights is continuing along with the consistent finding that the required risk analysis did not occur. The consistent announcement of settlements offers regular reminders to the healthcare industry that OCR is watching and expecting compliance to improve.


Insider Risks

By Matt Fisher – The risk to privacy and security of healthcare information, despite all of the headlines, does not only come from outside attackers. Inside threats are real and can go undetected for potentially longer periods of time.