Data Breach

WPF to testify before NCVHS on emerging privacy concerns in health privacy — Beyond Digitization: Artificial Intelligence, APIs, and health privacy

WPF Executive Director Pam Dixon will testify before the full committee of the National Committee on Vital and Health Statistics (NCVHS) regarding emerging privacy concerns in the healthcare environment, including the role of artificial intelligence, patient authorizations, and automated access to patient health information.  The NCVHS is the statutory [42 U.S.C. 242k(k)] public advisory body

2019 updates to Interactive Medical Data Breach Map

We have updated our medical data breach map to bring it current to January 2019. This interactive map displays the location of each medical data breach recorded at the US Department of Health and Human Services from 2009-2018. To get the most from the map, you can view breaches by year, by region, and in a simple text list. 

Health Industry Cybersecurity Practices: New consensus practices and tools from HHS

The US Department of Health and Human Services (HHS) has produced a set of cybersecurity resources for healthcare provider organizations from small to large. So far, HHS has published four documents: an overview report of cybersecurity issues and practices, two technical volumes, and a toolkit. The documents focus on what an expert multistakeholder consensus group determined to be the five most prevalent cybersecurity threats and the ten core cybersecurity practices. The practices are voluntary, and utilize the NIST cybersecurity framework. The documentation is based in reality, not conjecture, and the documents are not intended to sell any particular products for any particular vendor. This has allowed for a rich and helpful documentation of current challenges along with solutions. See our overview of the four new resources.

Marriott data breach: key tips

The Marriott data breach announced on Nov. 30, 2018 is a significant breach, reaching across multiple countries and affecting an estimated 500 million people. The breach includes an array of data that does create the potential for meaningful identity theft risk. Who does the breach affect? The breach affected guests who booked through Marriott’s Starwood