HIPAA Compliance

Senators Press Ascension on Data Sharing Agreement with Google

by Jessica Davis

Sens. Bill Cassidy, MD, R-Louisiana, Elizabeth Warren, D-Massachusetts, and Richard Blumenthal, D-Connecticut, are pressing Ascension on its data sharing agreement it holds with Google, given the tech...

Judge Finalizes Quest Diagnostics Settlement Over 2016 Data Breach

by Jessica Davis

The US District Court in New Jersey issued a final approval of a class-action lawsuit settlement between Quest Diagnostics and the patients impacted by a 2016 data breach. The testing giant will pay...

OCR Settles with Utah Provider for $100K Over HIPAA Security Failures

by Jessica Davis

The provider office of Steven Porter, MD in Ogden, Utah has settled with the Department of Health and Human Services Office for Civil Rights after failing to implement certain HIPAA security...

Vendor Management Needed in Light of NRC Health Ransomware Attack

by Jessica Davis

Last week, NRC Health became the latest vendor to report it fell victim to a ransomware attack, which locked the company out of its computer systems as it worked to recover. Given its massive list of...

Accounting Firm Ransomware Hack Affects Community Care Patient Data

by Jessica Davis

New York-based accounting firm BST was recently infected with Maze malware, which potentially compromised patient data from Community Care Physicians. According to the notification, BST fell victim to...

Healthcare Providers Overconfident in Data Sharing Controls, Security

by Jessica Davis

The majority of healthcare providers are overconfident in their ability to control data sharing and the security of their data storage, according to a new report from Netwrix. Netwrix surveyed 1,045...

OIG Finds Serious Misuse of Medicare Data Transactions by Pharmacies

by Jessica Davis

The Department of Health and Human Service Office of the Inspector General recently discovered widespread inappropriate access and use of Medicare beneficiary data by pharmacies and other healthcare...

Computer Theft Exposes Personal, Health Data of 654K Oregon Patients

by Jessica Davis

Health Share of Oregon, the state’s largest Medicaid coordinated care organization is notifying 654,000 patients that their personal and health data has been exposed after a laptop was stolen...

Lawsuits Filed Against Health Quest, Tidelands After Data Breach Reports

by Jessica Davis

Health Quest and Tidelands Health are both facing lawsuits after the providers reported potential data breaches. Health Quest recently added more patients to the tally of victims impacted by a 2018...

Judge Rules Against HHS Over HIPAA Right of Access Third-Party Fees

by Jessica Davis

Washington, DC US District Court Judge Amit Mehta issued a blow to the Department of Health and Human Services for its 2013 HIPAA Right of Access rule around third-party requests for patient records,...

Evaluating Cyber Readiness, Vulnerabilities with Pen Testing

by Jessica Davis

Healthcare suffers with a unique endpoint challenge: a host of vendors, legacy systems, and an ever-increasing list of connected devices. But even with what it may deem a secure network, the threat landscape also continuously adds new...

Key Elements for Secure Business Associate Agreements, Relationships

by Jessica Davis

The healthcare sector relies on a vast number of third-party vendors, supply chain businesses, and other business associates to ensure relatively seamless care transactions. But with each transaction...

Health Plans Struggle with HIPAA Compliance, Unprepared for Audit

by Jessica Davis

Many health plan group sponsors are struggling to remain or are not fully compliant with HIPAA rules. Further, those same healthcare organizations are not prepared for a HIPAA audit, according to new...

Georgia Revives Patient Breach Lawsuit Against Athens Orthopedic

by Jessica Davis

The Supreme Court of Georgia has revived a patient data breach lawsuit against Athens Orthopedic Clinic, by unanimously reversing a Court of Appeals decision to dismiss the case. In July 2016, Athens...

UCLA Health Reaches $7.5M Settlement Over 2015 Breach of 4.5M

by Jessica Davis

UCLA Health reached a class-action lawsuit settlement with the 4.5 million current and former patients impacted by its May 2015 health data breach. The settlement will provide $2 million for...

What Is Cyber Insurance for Healthcare Organizations?

by Jessica Davis

The healthcare sector has been a prime target for hackers over the last few years. Attacks have increased in sophistication, shifting at times from the obvious ransomware attacks to subtle, credential-stealing cyberattacks that hide in the...

Complying with the HIPAA Privacy Rule During Emergency Situations

by Fred Donovan

Emergency situations and natural disasters, such as hurricanes, pandemics, or mass casualties, can quickly overwhelm healthcare systems. The last thing on people’s minds in those situations is complying with the HIPAA Privacy...