Healthcare Information Security

HIPAA Compliance

Understanding the Gray Areas in HIPAA Compliance

April 28, 2016 - Several weeks have passed since the HHS Office for Civil Rights (OCR) announced the launch of phase two of its HIPAA audit program. No surprises, then, that HIPAA compliance is a topic that’s receiving a lot of attention right now. To add fuel to the compliance fire, it seems barely a day passes without news of another large data breach hitting the headlines, or without a report...


Articles

OCR HIPAA Settlement Costs New York Hospital $2.2M

by Jacqueline Belliveau

A recent Office of Civil Rights (OCR) HIPAA settlement agreement states a New York-based hospital must pay $2.2 million after it allowed unauthorized filming of patients, according a Department of Health and Human Services (HHS) press release....

Orthopedic Provider Agrees to $750,000 OCR HIPAA Settlement

by Jacqueline Belliveau

The Raleigh Orthopaedic Clinic, P.A. of North Carolina has agreed to pay approximately $750,000 in OCR HIPAA settlement fines after an alleged healthcare data breach in 2013 involving a business associate, reported the Department of Health and...

Why It’s Important to Define Business Associate Agreements

by Sara Heath

In the healthcare industry, there is often so much that needs to be accomplished that one single hospital or clinic cannot do it alone, which is why they often enlist the help of business associates. As a way to protect any sensitive health information...

AHA Calls for Revisions in Healthcare Data Privacy Rule

by Jacqueline Belliveau

Federal regulation 42 CRF Part 2 (Part 2), a law that governs the healthcare data privacy of behavioral health information, should better align with HIPAA regulations to boost care coordination and health information exchange, according to a...

HIPAA Compliance Knowledge Growing Amongst Healthcare Pros

by Sara Heath

Healthcare organizations are doing more to remain HIPAA compliant compared to two years ago, says NueMD’s 2016 HIPAA Survey Update. The survey looked at HIPAA compliance trends amongst 927 healthcare professionals as a follow-up to a similar...

$1.5M HIPAA Settlement Fine for North Memorial Health Care

by Sara Heath

North Memorial Health Care of Minnesota will pay approximately $1.5 million in HIPAA settlement fines after it failed to identify its business associates, the Department of Health and Human Services (HHS) reports. Healthcare business associates...

HHS Reviews HIPAA Regulations for Workplace Wellness Programs

by Jacqueline Belliveau

A recent Department of Health and Human Services (HHS) blog post by Jocelyn Samuels, the Director of the Office for Civil Rights, discusses how HIPAA regulations apply to wellness programs that are part of an employee-sponsored group health plan....

Using a ‘Layered’ Approach for Health Data Security

by Elizabeth Snell

As technology has continued to evolve, healthcare data security has also needed to change in order to keep pace and keep sensitive information secured. That is why Illinois-based Riverside Healthcare has adopted security in layers, ensuring that...

Maintaining HIPAA Compliance in Social Media Interaction

by Savanna Myer of Evariant

Social media is everywhere – it’s used as a way to reach friends, family, consumers and even patients. In the healthcare industry, users of social media must be aware that there is a fine line between personal and professional information...

Understanding HIPAA Compliance, Violation Concerns

by Elizabeth Snell

Regardless of a healthcare organization’s size, HIPAA compliance must remain a top priority. This is especially critical as technology continues to evolve and more covered entities continue to implement innovative tools such as mobile devices...

ONC: HIPAA Regulations Help, Not Hinder Interoperability

by Elizabeth Snell

It is a common misconception that HIPAA regulations hinder covered entities’ ability to move patient information, according to a recent blog post by ONC Chief Privacy Officer Lucia Savage, J.D. and ONC Privacy Analyst Aja Brooks, J.D. Contrary...

Are You Prepared for the OCR HIPAA Audits?

by Keith Tyson

If Paul Revere were alive today, instead of warning, “The British are coming!” he might proclaim to healthcare organizations, “The auditors are coming! Be prepared!” Although the HITECH Act audit requirement became effective...

What are Top HIPAA Compliance Concerns, Obstacles?

by Elizabeth Snell

Maintaining HIPAA compliance should always be a key area for leaders in the healthcare industry, but as technology continues to evolve, there are numerous factors coming into play that could affect how organizations keep patient data secure....

HIPAA Regulation Updates Bring Mixed Reactions, Concerns

by Elizabeth Snell

The executive order from earlier this month that brought forth changes to HIPAA regulations has been met with both positive and negative reactions thus far. Some groups state the modifications will help reduce violence and firearm injuries, while...

Are Better HIPAA Guidelines Needed for Health Apps, Devices?

by Elizabeth Snell

The recent OCR HIPAA guidelines discussing patient access to health records is a positive step forward, according to one association, but more needs to be done to ensure better regulations for health apps and device companies. ACT | The App Association...

How Administrative Safeguards Can Prevent Data Breaches

by Elizabeth Snell

Preventing healthcare data breaches is a common goal for covered entities of all sizes. It can be easy to let the importance of administrative safeguards fall behind other areas, such as concerns over hacking and stolen devices, but organizations...

Lack of Risk Assessment Key in UWM $750K HIPAA Settlement

by Elizabeth Snell

The University of Washington Medicine (UWM) recently agreed to a $750,000 fine as part of a HIPAA settlement, which was the result of a 2013 incident. UWM filed a breach report to OCR November 27, 2013, where an email containing malicious malware...

HIPAA Compliance, Data Breaches Are Top 2015 Stories

by Elizabeth Snell

As 2015 comes to an end, it can be beneficial to review the top issues that covered entities and their business associates encountered on a daily basis. Understanding HIPAA compliance will be critical for 2016, especially as the Office for Civil...

State HIPAA Settlement Reached in URMC Data Breach Case

by Elizabeth Snell

New York Attorney General Eric T. Schneiderman reached a HIPAA settlement with the University of Rochester Medical Center (URMC), following a healthcare data breach from last spring that compromised approximately 3,400 patients’ PHI. As...