Healthcare Information Security

OCR HIPAA Audits

Health Center Agrees to $400K OCR HIPAA Settlement

April 13, 2017 - Failing to conduct a risk analysis and not implementing a corresponding risk management plan to address found risks and vulnerabilities were part of the reasoning behind the latest OCR HIPAA settlement. Metro Community Provider Network (MCPN) agreed to a $400,000 settlement stemming from data breach allegations that took place in 2012. MCPN is a federally-qualified health center (FQHC),...


More Articles

Health Center Agrees to $400K OCR HIPAA Settlement

by Elizabeth Snell

Failing to conduct a risk analysis and not implementing a corresponding risk management plan to address found risks and vulnerabilities were part of the reasoning behind the latest OCR HIPAA settlement. Metro Community Provider Network (MCPN)...

Expanding Beyond HIPAA Audit Prep for Information Governance

by Elizabeth Snell

Earlier this month, the American Health Information Management Association (AHIMA) published its newest toolkit to assist organizations in preparing for HIPAA audits. The “External HIPAA Audit Readiness Toolkit” addresses...

$2.2M OCR HIPAA Settlement Highlights ePHI Safeguard Need

by Elizabeth Snell

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced a HIPAA settlement stemming from allegations of a lack of ePHI safeguards. MAPFRE Life Insurance Company of Puerto Rico (MAPFRE) agreed to the...

OCR ‘Laser Focused’ on HIPAA Violation Complaints, Enforcement

by Elizabeth Snell

While 2015 and 2016 saw the Office for Civil Rights (OCR) enter into a record number of settlement agreements, most of its received complaints do not involve an alleged HIPAA violation, according to HHS Director Jocelyn Samuels. Healthcare technology...

Why Latest OCR HIPAA Audits are About Compliance, Action

by Elizabeth Snell

The Office for Civil Rights (OCR) announced the second round of its HIPAA audit program on July 11, 2016, sending out notification emails to 167 covered entities. The desk audits will review how healthcare organizations adhere to the HIPAA Privacy,...

OCR Aims to Improve Smaller Data Breach Investigation Process

by Elizabeth Snell

Starting in August 2016, the Office for Civil Rights (OCR) will start an initiative to better investigate smaller data breaches. The data breach investigation process will look further into the root causes of incidents affecting fewer than 500...

OCR Clarifies HIPAA Desk Audits, Unique Device Identifiers

by Elizabeth Snell

With the Office for Civil Rights (OCR) announcing the HIPAA desk audits earlier this month, the Department of Health and Human Services (HHS) wanted to ensure that covered entities fully understand the process and how it will potentially affect...

Latest Round of OCR HIPAA Audits Not a Reason for Panic

by Elizabeth Snell

The second round of the OCR HIPAA audits is officially underway, with desk audits being announced in July 2016. Notification letters were sent out to 167 covered entities on Monday, July 11, that they had been selected for the desk audit portion...

Desk Audits Begin for OCR Phase Two HIPAA Audits

by Elizabeth Snell

The Office for Civil Rights (OCR) officially launched phase two of its HIPAA audit program earlier this week, sending out notification letters to selected covered entities. The letters were sent out on July 11, according to an OCR email, with...

Ensuring HIPAA Compliance Before a Potential HIPAA Audit

by Clyde Bennett of Aldridge Health

Businesses and healthcare providers are facing increasing pressure to meet and maintain HIPAA compliance standards. The Office for Civil Rights (OCR) announced it will be performing a new round of random audits throughout 2016. Before 2016, 98...

Business Associate Agrees to $650K OCR HIPAA Settlement

by Elizabeth Snell

The latest OCR HIPAA settlement further underscores that business associates (BAs) need to ensure that they are adhering to the same data security standards as covered entities. Catholic Health Care Services of the Archdiocese of Philadelphia...

OCR HIPAA Settlements Highlight PHI Disclosure, Compliance

by Elizabeth Snell

Understanding the proper safeguards when it comes to HIPAA compliance, following proper PHI disclosure methods, and implementing comprehensive business associate agreements are all key areas to keeping data secure, according to the 2016 OCR HIPAA...

Earlier HIPAA Audits Help Healthcare Data Breach Prevention

by Elizabeth Snell

Utilizing better communication, implementing a universal HIPAA audit certification system, and embracing cyber insurance are just some of the recommendations for better healthcare data breach prevention recently put forth by the Brookings Institution....

OIG Finds Information Security Issues with VA Audit Logs

by Jacqueline Belliveau

According to a recent VA Office of Inspector General (OIG) report, the Veterans Benefits Administration neglected to implement appropriate audit logs that would identify information security violations in the Veterans Benefits Management System...

Using Risk Assessments, Management for OCR HIPAA Audits

by Elizabeth Snell

There has been much discussion over the second round of OCR HIPAA audits, with covered entities of all sizes wanting to know how they can best prepare for a potential investigation. Having an updated and thorough risk management process will...

Top Tips for OCR HIPAA Audit Preparation

by Elizabeth Snell

With the most recent round of OCR HIPAA audits announced just last month, many healthcare organizations are working to ensure that they are prepared should they be called for investigation. While the announcement should not come as a total surprise,...

Top 5 Things to Remember About OCR HIPAA Audits

by Elizabeth Snell

With the second round of the OCR HIPAA audits set to start soon, it is essential that covered entities and business associates of all sizes ensure that they are HIPAA compliant and ready for a potential investigation. Organizations’ processes,...

OCR Releases Details of Phase 2 HIPAA Audits Starting Soon

by Sara Heath

The Office of Civil Rights (OCR) has announced Phase 2 of its HIPAA audits, according to a public announcement. The agency, which is a part of the Department of Health & Human Services, will be conducting these audits in an effort to keep...

Prioritizing Patient Privacy in Your Auditing Approach

by Elizabeth Snell

LAS VEGAS - When it comes to patient privacy, a passive approach to the auditing process is not going to be enough. Covered entities need to take initiative and ensure that they are doing everything in their power to proactively find potential...

Understanding Medical Device Security in Healthcare Today

by Elizabeth Snell

LAS VEGAS – There is no question that medical device security is a top issue in today’s healthcare industry, especially as more providers are looking to implement connected devices.   All of the attention being given to medical...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks