Data is rapidly becoming one of the most valuable assets in the healthcare market, putting digital health companies that collect and process large amounts of personal data at higher risk than many other types of businesses. If you have a healthcare business, then you’ll want to keep reading…
Read MoreDiscover how Privacy compliance impacts Digital Health Startup founders and executives in terms of access to capital and securing key vendor agreements in this webinar replay. You may not have ever looked at Privacy this way before, and we encourage you to explore this perspective so you can close those critical deals without unnecessary delay.
Read MoreNew technologies in healthcare means new risk to the security and privacy of patient health data. Though most healthcare companies and providers are aware of the need for internal data security, many may not be in compliance when sharing information with third parties. As providers and vendors find new and innovative ways to work together, the need for data sharing will only increase. It is critically important that all parties know when and how protected health information (PHI) is shared, and when patient authorization is required to do so.
Read MoreWe like to find interesting tips and tricks to help our clients improve their health data security. This infographic from Inspired eLearning on "phishing" schemes covers the most common types of phishing attacks, including via email, phone call, text message, or USB baiting. Read on to learn about how these attacks can occur, common statistics, and prevention tips.
Read MoreMany digital health technology companies have customers from multiple, or even all, states accessing their software and services. If these health tech companies have California customers, then starting in January 2020, they may need to abide by the California Consumer Privacy Act.
Read MoreBy building compliance processes into your internal structure, audits can be completed faster and can bring to light information that is beneficial for both your customers and employees. Here are seven tips to prepare for a healthcare compliance audit.
Read MoreOn May 25, 2018, European law officially enforced the General Data Protection Regulation (GDPR). The GDPR was created to protect the personal data of EU citizens. This article examines two GDPR-compliant encryption methods in this article: standard encryption and pseudonymization.
Read MoreWe often advise our clients that one of the criteria separating a “high risk” breach from a “low risk” breach is whether the breach affects more or fewer than 500 individuals. This is because the HHS Office of Civil Rights (which is the HIPAA enforcement arm of HHS) has historically prioritized investigation of and corrective action following breaches affecting in excess of 500 individuals—OCR’s Regional Offices investigate all reported breaches involving the PHI of 500 or more individuals. However, OCR recently announced that it would be teaming up with its regional office staff to more widely investigate HIPAA breaches affecting fewer than 500 individuals—sending a strong signal to covered entities and business associates that no one is “safe” from repercussions emanating from a HIPAA breach.
Read More