Healthcare Information Security

HIPAA and Compliance News

OCR Clarifies PHI Disclosure Guidance in HIPAA Privacy Rule

by

Partially due to legal confusion following the 2016 Orlando nightclub shooting, the Office for Civil Rights (OCR) has released an FAQ clarifying certain aspects of PHI disclosure policies with patients’ loved ones under the HIPAA Privacy...

Breach Notification Center of Presence Health HIPAA Settlement

by

Healthcare network Presence Health recently agreed to a $475,000 OCR HIPAA settlement following a reported data breach and a subsequent delayed breach notification process. Presence submitted a breach notification report to OCR on January 31,...

Easing HIPAA Violation Concerns with Patient Data Access

by

While the healthcare sector continues to work toward achieving nationwide interoperability, concerns over potential HIPAA violations with regard to patient data access is also on the rise. Covered entities need to allow individuals access to...

Utilizing Risk Analyses for Comprehensive HIPAA Compliance

by

As technology continues to evolve and become more intricate, covered entities and their business associates have to ensure they account for potential risk in all aspects of their organization. A key part to complete HIPAA compliance is an updated...

2016 OCR HIPAA Settlements Target Risk Analyses, Total $23.5M

by

With 2016 winding down, covered entities and their business associates cannot ease up when it comes to protecting PHI. As the OCR HIPAA settlements from the year have shown, there has been a strong focus on healthcare organizations conducting...

HIPAA Audits, Ransomware, Mobile Security Top 2016 Headlines

by

Healthcare data security is an ever-evolving area, with covered entities constantly working to ensure that they have the necessary tools in place to keep patient data safe. Over the past year, data breaches continued to be a hot topic in healthcare,...

ONC Fact Sheet Highlights HIPAA Health Data Sharing Points

by

Several situations where health data sharing is permissible under HIPAA regulations were recently highlighted in a new fact sheet released by the Office of the National Coordinator for Health IT Technology (ONC) and the HHS Office for Civil Rights...

HIPAA Privacy Changes Not in Recent 21st Century Cures Act

by

The House of Representatives passed the 21st Century Cures Act yesterday with a vote of 392 to 26. This latest version of the legislation did not include wording that could have made it possible to change the HIPAA Privacy Rule and potentially...

UMass Agrees to $650K OCR HIPAA Settlement after Allegations

by

Following alleged HIPAA violations stemming from a malware infection that potentially exposed the ePHI of 1,670 individuals, the University of Massachusetts Amherst (UMass) agreed to an OCR HIPAA settlement. Along with adhering to a corrective...

How HIPAA Rules Can Aid Evolving Technology, Not Hinder It

by

Communication technology is quickly evolving, and many healthcare providers are trying to keep pace. They could be looking to implement secure texting options or even consider communicating with patients through social media, but HIPAA rules...

OCR HIPAA Settlements Total $13.5M, Affect Entities and BAs

by

The Office for Civil Rights (OCR) has shown with several of its recent HIPAA settlements that both covered entities and business associates are liable for potential HIPAA violations. OCR has said that as healthcare technology continues to evolve...

Pharmaceutical Leaders Sentenced for HIPAA Violations, Fraud

by

Three former district managers of a pharmaceutical firm have been sentenced for their connection in committing HIPAA violations and healthcare fraud, according to a release from the District of Massachusetts U.S. Attorney’s Office (USAO)....

HIPAA Compliance Measures, Mobile Security Need Improvement

by

As more healthcare organizations implement mobile options, ensuring that they maintain HIPAA compliance is essential. However, if a recent survey is any indication, covered entities have room for improvement when it comes to their mobile security....

PHI Access Challenges Addressed in Recent ONC Resources

by

Healthcare organizations face numerous potential PHI access challenges, especially as more entities continue to adopt new EHRs, according to the Office of the National Coordinator (ONC). That is why ONC wanted to ensure that covered entities...

Addressing FTC Jurisdiction Over HIPAA Covered Entities

by

With the FTC recently releasing guidance on how HIPAA covered entities must adhere to the FTC Act in addition to HIPAA regulations, it is essential for healthcare organizations to be aware of the potential consequences for not doing so. When...

Why Businesses Must Adhere to FTC Act and HIPAA Privacy Rule

by

Businesses that collect and share consumer health information need to not only be mindful of the HIPAA Privacy Rule, but must also adhere to the FTC Act. The Federal Trade Commission (FTC) released new guidance on key privacy and security considerations...

St. Joseph Health Agrees to $2.14M OCR HIPAA Settlement

by

A health care delivery system recently agreed to an OCR HIPAA settlement following reports that it had publicly accessible files containing ePHI from 2011 to 2012. St. Joseph Health (SJH) notified OCR on February 14, 2012 that certain files containing...

OCR ‘Laser Focused’ on HIPAA Violation Complaints, Enforcement

by

While 2015 and 2016 saw the Office for Civil Rights (OCR) enter into a record number of settlement agreements, most of its received complaints do not involve an alleged HIPAA violation, according to HHS Director Jocelyn Samuels. Healthcare technology...

ONC, OCR Revise HIPAA Security Risk Assessment Tool

by

In an effort to ensure that healthcare organizations of all sizes can prepare for potential cybersecurity issues, the Office of the National Coordinator (ONC) and the Office for Civil Rights (OCR) recently updated the HIPAA Security Risk Assessment...

Provider PHI Access Key Aspect to HIPAA Privacy Rule

by

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently clarified that business associates cannot block provider PHI access or terminate that access under the HIPAA Privacy Rule. In a Frequently Asked Questions...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks