Healthcare Information Security

HIPAA

Another Major Storm, Another HHS HIPAA Privacy Rule Waiver

October 26, 2018 - HHS Secretary Alex Azar has issued another HIPAA Privacy Rule waiver for US territory the Northern Marianas Islands, which was devastated by Super Typhoon Yutu this week. Super Typhoon Yutu was a Category 5 storm when it hit the Northern Marianas Islands, with sustained winds of 180 mph. Electricity and phone services has been knocked out on the islands. This brings to three the...


More Articles

Azar Issues 2nd HIPAA Privacy Rule Waiver in As Many Months

by Fred Donovan

As in the case of Hurricane Florence, HHS Secretary Alex Azar has waived sanctions and penalties under certain HIPAA Privacy Rule provisions for areas impacted by Hurricane Michael. The waiver is intended to enable greater information...

Aetna Reaches Settlements with State AGs Over HIPAA Violations

by Fred Donovan

Health insurer Aetna has reached settlements with a number of state attorney generals over HIPAA violations resulting from mailings to HIV/AIDS and cardiac patients, the New Jersey attorney general announced Oct. 10. The three states and...

Hospitals Fail at HIPAA Compliance Re Medical Records Requests

by Fred Donovan

Many hospitals failed at HIPAA compliance in response to simulated patients’ requests for medical records, according to a study by Yale researchers published in the JAMA Network Open. The researchers surveyed 83 top-ranked US...

Despite Patient Privacy Risks, More People Use Wearables for Health

by Fred Donovan

Despite the patient privacy risks that collecting health data on insecure wearable devices could pose, the number of US consumers tracking their health data with wearables has more than doubled since 2013, according to the Deloitte 2018...

Iowa County Government Employee Alleges HIPAA Violation

by Fred Donovan

An employee of the Iowa’s Mahaska County government alleged that another employee committed a HIPAA violation when she locked a member of the public inside a building where files containing PHI were stored unsecured, the...

Congress Urged To Align 42 CFR Part 2 With HIPAA Privacy Rule

by Fred Donovan

The Partnership to Amend 42 CFR Part 2 is urging Congress to include the Overdose Prevention and Patient Safety Act (HR 6082), which would align 42 CFR Part 2 with the HIPAA Privacy Rule, in compromise opioid legislation that the House and...

MA Physician Gets 1-Year Probation for Criminal HIPAA Violation

by Fred Donovan

Rita Luthra, a Springfield, MA-based gynecologist, was sentenced Sept. 19 to one-year probation for a criminal HIPAA violation and obstruction of a criminal healthcare investigation. In April, a jury convicted her of allowing a...

Bill Would Exempt HIPAA Covered Entities from California Privacy Law

by Fred Donovan

The California legislature has passed amendments to the sweeping California Consumer Privacy Act that would, among other changes, exempt HIPAA covered entities and business associates from the state law’s requirements. It would also...

Arc of Erie County Hit With $200K Fine for HIPAA Violation

by Fred Donovan

The New York Attorney General has levied a $200,000 fine on Arc of Erie County for a HIPAA violation that exposed ePHI on 3,751 clients. The Buffalo-based nonprofit, which provides services to people with developmental disabilities,...

New PCORI Policy Has Data Rules In Line with HIPAA Regulations

by Fred Donovan

A new data sharing policy adopted by the Patient-Centered Outcomes Research Institute (PCORI) stipulates that all personally identifiable health information must be deidentified in accordance with HIPAA regulations. On Sept. 7, the PCORI...

Robust Health Data Security Needed for PHI-Laden Mobile Devices

by Fred Donovan

Strong health data security is vital for electronic media and mobile devices that process and/or store ePHI, stressed OCR in its August 2018 Cyber Security Newsletter. “Anyone with physical access to such devices and media,...

HIPAA Privacy Rule Can Be Tool for Health Information Exchange

by Fred Donovan

Rather than being a barrier to information sharing and interoperability, the HIPAA Privacy Rule can be seen as a tool to facilitate health information exchange and flow across the health ecosystem, argued OCR and ONC in an Aug. 30 blog...

Oklahoma Hospital Sued for Alleged HIPAA Violation Over Drowning

by Fred Donovan

McAlester Regional Health Center (MRHC) in Oklahoma is being sued for an alleged HIPAA violation for sharing information on a boy’s drowning with his biological mother, reported the Pauls Valley Democrat newspaper on Aug. 23. The...

HIPAA Security Rule Requires Secure Disposal of ePHI-Laden Devices

by Fred Donovan

The HIPAA Security Rule requires HIPAA covered entities and business associates to implement policies and procedures regarding the secure disposal and re-use of electronic devices and media containing ePHI so that ePHI cannot be retrieved,...

OCR On Pace To Assess Less Money in HIPAA Violation Fines in 2018

by Fred Donovan

OCR is on pace to conclude fewer HIPAA settlements and assess less money in HIPAA violation fines this year than in previous years, according to a report from the law firm Gibson Dunn. For the first half of this year, OCR has reported...

How Does HIPAA Apply to Wearable Health Technology?

by Fred Donovan

The use of wearable health technology is expected to expand substantially within the next few years. Wearable devices offer many health tracking capabilities, including measuring heart rate, number of steps taken per day, and glucose and...

Amazon’s Healthcare Push Could Run into HIPAA Compliance Issues

by Fred Donovan

Amazon has been expanding rapidly into the healthcare field, but its approach to patient privacy could use a lot of tweaking if the company doesn’t want to run into HIPAA compliance problems down the road. Amazon has set up a health...

Secure Healthcare Data Sharing Not a Priority for Some Workers

by Fred Donovan

Some healthcare workers don’t follow best practices for secure healthcare data sharing, according to a survey of 1,000 US workers by Igloo Software. Thirty percent of healthcare workers use non-approved apps in the workplace because...

Former UPMC Worker Indicted for HIPAA Violations

by Fred Donovan

Linda Sue Kalina, a former patient information coordinator at University of Pittsburgh Medical Center (UPMC), was indicted by a federal grand jury in Pittsburgh for HIPAA violations. The Butler County resident was charged on six counts of...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...