Healthcare Information Security

HIPAA and Compliance News

HIPAA Privacy Rule Changes Proposed for Background Checks

by

The Department of Health and Human Services (HHS) announced potential modifications to the HIPAA Privacy Rule in an effort to improve the background check process individuals go through in order to purchase a firearm.   Under the changes,...

How Administrative Safeguards Can Prevent Data Breaches

by

Preventing healthcare data breaches is a common goal for covered entities of all sizes. It can be easy to let the importance of administrative safeguards fall behind other areas, such as concerns over hacking and stolen devices, but organizations...

Lessons Learned From the 2015 OCR HIPAA Settlements

by

Maintaining HIPAA compliance should always be a top priority for covered entities and their business associates, but this is not always a simple feat to accomplish. The 2015 OCR HIPAA settlements are all examples of how a seemingly simple oversight...

Stage 3 Meaningful Use Overlaps With HIPAA, CHIME Says

by

Stage 3 Meaningful Use requirements are burdensome, and more time is needed for healthcare providers to properly adjust, the College of Healthcare Information Management Executives (CHIME) said in a recent letter to the Centers for Medicare &...

Lack of Risk Assessment Key in UWM $750K HIPAA Settlement

by

The University of Washington Medicine (UWM) recently agreed to a $750,000 fine as part of a HIPAA settlement, which was the result of a 2013 incident. UWM filed a breach report to OCR November 27, 2013, where an email containing malicious malware...

Lawyers Break Down 2016 HIPAA Audits, Connected Devices

by

The increase in connected medical devices and the reportedly upcoming second round of OCR HIPAA audits are some of the top areas to watch next year in terms of healthcare data privacy and security, according to lawyers who specialize in the industry....

State HIPAA Settlement Reached in URMC Data Breach Case

by

New York Attorney General Eric T. Schneiderman reached a HIPAA settlement with the University of Rochester Medical Center (URMC), following a healthcare data breach from last spring that compromised approximately 3,400 patients’ PHI. As...

Lahey Hospital Agrees to $850K OCR HIPAA Settlement

by

Lahey Clinic Hospital, Inc. (Lahey) agreed to an OCR HIPAA settlement that stemmed from a 2011 incident where an unencrypted laptop was stolen, potentially compromising the PHI of 599 individuals. Lahey was fined $850,000 as part of the settlement...

The OCR HIPAA Compliance Audits Procedure: A Review

by

The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) has reportedly begun to implement its next round of HIPAA compliance audits, set to take place in the early part of 2016. Earlier this week, HealthITSecurity.com...

Reviewing HIPAA Compliance Enforcement Actions

by

With the next round of OCR HIPAA audits reportedly set to take place next year, no healthcare organization can assume that it will not be affected. To the same effect, business associates must also ensure that they are in full HIPAA compliance....

PHI Data Breach Leads to $90K Agreement for Conn. Hospital

by

A PHI data breach that took place in 2012 recently resulted in a Connecticut hospital and one of its contractors having to pay $90,000 to the state. Hartford Hospital and EMC Corporation both signed an agreement saying they would pay the state...

AHA Discusses Mental Health Legislation, HIPAA Regulations

by

The American Health Association (AHA) recently announced its support of mental health legislation that would potentially affect current HIPAA regulations and also allow states to use federal Medicaid funds to cover services for adults in inpatient...

Is Patient Privacy Violated When Docs Take Patient Data?

by

Instances of healthcare professionals taking patient information with them as they change practices is becoming a prevalent issue with patient privacy. Earlier this month, a lawsuit was filed in Fresno, California challenging this very issue....

OCR HIPAA Privacy, Security Platform Launched for Developers

by

The US Department of Health and Human Services Office for Civil Rights (OCR) recently launched a portal designed for health application developers, so that they can learn more about HIPAA Privacy and Security issues. As more organizations are...

How Do HIPAA Regulations Apply After Death?

by

HIPAA regulations help ensure that covered entities and business associates put in the necessary safeguards to keep individuals sensitive medical information secure. But what happens after a patient passes away? Are healthcare providers still...

Study Shows OCR HIPAA Compliance, Breach Recovery Lacking

by

The Office for Civil Rights (OCR) has room for improvement in several health data security areas, including its HIPAA compliance and ability to follow up on PHI data breaches, according to two separate reports from the Office of Inspector General...

Alleged HIPAA Violations in Lawsuit Against D.C. Hospitals

by

A class-action lawsuit has been filed against MedStar Georgetown University Hospital and George Washington University Hospital for potential HIPAA violations related to patients being able to receive copies of their medical records. Four individuals...

What Will the Upcoming OCR HIPAA Audits Entail?

by

While the upcoming HIPAA audits from the Office for Civil Rights (OCR) have continued to be delayed, it seems as if they are finally moving forward. Healthcare organizations of all sizes need to ensure that they are prepared for a potential investigation...

HIPAA Regulations and Family Medical History

by

HIPAA regulations are meant to keep individuals’ PHI secure and out of the hands of unauthorized users. In previous weeks, HealthITSecurity.com has discussed how PHI should be handled in numerous situations, and in which situations it is...

Breaking Down HIPAA: PHI Security in Patient File Disposal

by

PHI security is an integral part in protecting patient privacy and confidentiality. As such, HIPAA provides ample guidance on how covered entities may maintain PHI security via the HIPAA privacy rule. The HIPAA privacy rule seeks to provide covered...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks