Healthcare Information Security

HIPAA Compliance

Administrative Safeguard Need Highlighted in PA Indictment

March 24, 2017 - Healthcare organizations must ensure that they have comprehensive and regularly updated administrative safeguards, such as user authentication measures and proper access control. A failure to have these in place, or having outdated ones, could potentially lead to a data breach. This was proven in a recent Pennsylvania federal grand jury case, where a man was indicted on charges stemming from...


More Articles

Administrative Safeguard Need Highlighted in PA Indictment

by Elizabeth Snell

Healthcare organizations must ensure that they have comprehensive and regularly updated administrative safeguards, such as user authentication measures and proper access control. A failure to have these in place, or having outdated ones, could...

How Do HIPAA Regulations Apply to Wearable Devices?

by Elizabeth Snell

Both covered entities and business associates should be well-aware of the OCR HIPAA audit program, especially as Phase 2 has been underway for several months now. However, as technology continues to evolve, there are also several areas that could...

Expanding Beyond HIPAA Audit Prep for Information Governance

by Elizabeth Snell

Earlier this month, the American Health Information Management Association (AHIMA) published its newest toolkit to assist organizations in preparing for HIPAA audits. The “External HIPAA Audit Readiness Toolkit” addresses...

How HIPAA Regulations Allow for Patient Data Access

by Elizabeth Snell

Patients being able to access their own information is an essential right under HIPAA regulations, according to the American Health Information Management Association (AHIMA). However, patient data access is often misunderstood, and individuals...

How Secure Communication Platform Benefits TX Health System

by Elizabeth Snell

As more healthcare providers are implementing mobile devices and opting for new technologies to improve patient care, the need for secure communication platforms have become more necessary. Physicians need to be able to communicate with one another,...

Lawsuit Filed to Avoid Potential Health Data Exposure Fines

by Elizabeth Snell

A Wisconsin-based publishing company recently filed a lawsuit claiming that it is being exposed to potential liability for unauthorized exposure of individuals’ personal health data. The concern over possible health information exposure...

$2.2M OCR HIPAA Settlement Highlights ePHI Safeguard Need

by Elizabeth Snell

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced a HIPAA settlement stemming from allegations of a lack of ePHI safeguards. MAPFRE Life Insurance Company of Puerto Rico (MAPFRE) agreed to the...

ONC, OCR Fact Sheet Discusses HIPAA Health Data Exchange

by Elizabeth Snell

In an effort to answer questions over how oversight agencies can receive information in health data exchange, the Office of the National Coordinator (ONC) and Office for Civil Rights (OCR) released a fact sheet discussing how HIPAA allows such...

OCR Clarifies PHI Disclosure Guidance in HIPAA Privacy Rule

by Elizabeth Snell

Partially due to legal confusion following the 2016 Orlando nightclub shooting, the Office for Civil Rights (OCR) has released an FAQ clarifying certain aspects of PHI disclosure policies with patients’ loved ones under the HIPAA Privacy...

Breach Notification Center of Presence Health HIPAA Settlement

by Elizabeth Snell

Healthcare network Presence Health recently agreed to a $475,000 OCR HIPAA settlement following a reported data breach and a subsequent delayed breach notification process. Presence submitted a breach notification report to OCR on January 31,...

Easing HIPAA Violation Concerns with Patient Data Access

by Elizabeth Snell

While the healthcare sector continues to work toward achieving nationwide interoperability, concerns over potential HIPAA violations with regard to patient data access is also on the rise. Covered entities need to allow individuals access to...

2016 OCR HIPAA Settlements Target Risk Analyses, Total $23.5M

by Elizabeth Snell

With 2016 winding down, covered entities and their business associates cannot ease up when it comes to protecting PHI. As the OCR HIPAA settlements from the year have shown, there has been a strong focus on healthcare organizations conducting...

HIPAA Audits, Ransomware, Mobile Security Top 2016 Headlines

by Elizabeth Snell

Healthcare data security is an ever-evolving area, with covered entities constantly working to ensure that they have the necessary tools in place to keep patient data safe. Over the past year, data breaches continued to be a hot topic in healthcare,...

ONC Fact Sheet Highlights HIPAA Health Data Sharing Points

by Elizabeth Snell

Several situations where health data sharing is permissible under HIPAA regulations were recently highlighted in a new fact sheet released by the Office of the National Coordinator for Health IT Technology (ONC) and the HHS Office for Civil Rights...

A Practical Guide to Healthcare Disaster Recovery Planning

by Jeremy Molnar of CynergisTek, Inc.

This year, healthcare has been hit by multiple cyber events that have demonstrated the importance of and just how critical contingency planning is to providing care. Furthermore, massive DDoS attacks using the thousands of IoT devices connected...

Regulations Drive Healthcare Cloud Security, Risk Standards

by Elizabeth Snell

The intense healthcare regulatory requirements are one of the key drivers of cloud service providers (CSPs) looking toward healthcare cloud security and risk standardization, according to a recent Gartner report. Gartner’s Market Guide...

How HIPAA Rules Can Aid Evolving Technology, Not Hinder It

by Elizabeth Snell

Communication technology is quickly evolving, and many healthcare providers are trying to keep pace. They could be looking to implement secure texting options or even consider communicating with patients through social media, but HIPAA rules...

OCR HIPAA Settlements Total $13.5M, Affect Entities and BAs

by Elizabeth Snell

The Office for Civil Rights (OCR) has shown with several of its recent HIPAA settlements that both covered entities and business associates are liable for potential HIPAA violations. OCR has said that as healthcare technology continues to evolve...

HIPAA Compliance Measures, Mobile Security Need Improvement

by Elizabeth Snell

As more healthcare organizations implement mobile options, ensuring that they maintain HIPAA compliance is essential. However, if a recent survey is any indication, covered entities have room for improvement when it comes to their mobile security....

Addressing FTC Jurisdiction Over HIPAA Covered Entities

by Elizabeth Snell

With the FTC recently releasing guidance on how HIPAA covered entities must adhere to the FTC Act in addition to HIPAA regulations, it is essential for healthcare organizations to be aware of the potential consequences for not doing so. When...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks