Healthcare Information Security

HIPAA Compliance

5 Lessons Learned in OCR HIPAA Settlements

by Elizabeth Snell

Healthcare organizations cannot assume that they will never experience a data breach or data security incident. Failure to update safeguards or audit controls could also lead to an OCR HIPAA settlement, which could be paired with a high fine...

HHS Updates HIPAA Breach Reporting Tool, Empowers Consumers

by Elizabeth Snell

The recently updated HIPAA Breach Reporting Tool (HBRT) will highlight recent healthcare data breaches and help consumers learn how such incidents are investigated, according to OCR. The agency explained in a statement that the new HBRT “features...

AHIMA Focuses on HIPAA Compliance in New Patient Data Form

by Elizabeth Snell

AHIMA released a new form that streamlines the patient data request process and also maintains HIPAA compliance. Patient have the right to request access to their own information under HIPAA regulations, but are sometimes confused about the process....

ONC Stresses Improved Patient Data Access Measures

by Elizabeth Snell

Healthcare organizations need to improve their processes for patient data access measures, as this will reduce consumer burden and also help entities coordinate better care, according to an ONC report. ONC explained in Improving the Health Records...

Medical Record Security Key Focus in Indiana Senate Bill

by Elizabeth Snell

Database owners are now required to ensure medical record security by safeguarding healthcare data stored in their systems, according to a recently updated Indiana bill. Senate Bill 549 changed the definition of “abandoned” medical...

Creating a Healthcare Security Incident Reporting Process

by Clyde Hewitt of CynergisTek

With the recent wave of ransomware attacks, hacking attempts, and unauthorized disclosures, healthcare organizations have more opportunities to exercise their incident management plans. Unfortunately, these same organizations are learning the...

HIPAA Regulations Not Applicable in TN Supreme Court Case

by Elizabeth Snell

Medical authorization compliant with HIPAA regulations is not required when a pre-suit notice is sent to a single healthcare provider, according to a recent Tennessee Supreme Court ruling. In 2011, Deborah Bray filed a healthcare liability suit...

NJ Gov. Seeks Ease in HIPAA Regulations for Opioid Fight

by Elizabeth Snell

New Jersey Governor Chris Christie will likely propose HIPAA regulations be loosened in cases of opioid overdoses, according to multiple news outlets. Christie spoke at Morristown Medical Center to the Partnership for a Drug Free New Jersey earlier...

Utilizing Secure Texting for Efficient, Simple Communications

by Elizabeth Snell

Maintaining HIPAA compliance in provider-to-patient communication and even in physician-to-physician communication is critical, which is why secure texting has increased in popularity. With technology evolving, organizations cannot afford to...

Implementing HIPAA Technical Safeguards for Data Security

by Elizabeth Snell

The push for digital health records is not going to slow down anytime soon, and as recent cases of ransomware attacks show, healthcare organizations must create comprehensive data security measures. HIPAA technical safeguards are just one key...

Improving Patient Privacy, Workflow with HIPAA Compliant Forms

by Elizabeth Snell

Cloud-based services are quickly becoming more common in healthcare, especially as organizations are trying to find HIPAA compliant ways of keeping ePHI secure. However, these tools cannot hinder how physicians and staff members perform daily...

OCR Newsletter Reviews Healthcare Cybersecurity Best Practices

by Elizabeth Snell

Even the most current and comprehensive security controls cannot guarantee that PHI security will never be compromised, which is why healthcare cybersecurity best practices should be regularly reviewed. OCR’s May cybersecurity newsletter...

HHS Reiterates OCR Ransomware Guidance after Recent Attack

by Elizabeth Snell

The WannaCry ransomware attack should serve as a strong reminder to healthcare organizations to maintain necessary data security measures, including proper employee training. Adhering to the OCR ransomware guidance will also help covered entities...

Maintaining HIPAA Privacy through Increased Patient Access

by Elizabeth Snell

The HIPAA Privacy Rule is not something that covered entities or business associates can afford to ignore, even as technology continues to evolve and patients have increased access to their own records. AHIMA raised a key issue though in a recent...

Memorial Hermann Agrees to $2.4M OCR HIPAA Settlement

by Elizabeth Snell

Texas-based Memorial Hermann Health System (MHHS) recently agreed to a $2.4 million OCR HIPAA settlement following multiple allegations of inappropriate PHI disclosure. OCR conducted a compliance review after numerous media reports claimed that...

NJ Psychologist to Fight HIPAA Violation Allegations

by Elizabeth Snell

New Jersey-based psychologist Dr. Barry Helfmann has been accused of failing to prevent patient mental health diagnoses and treatment details from being released. The alleged HIPAA violations reportedly occurred when Helfmann’s practice...

Lack of Business Associate Agreement Equals $31K Settlement

by Elizabeth Snell

The Center for Children’s Digestive Health (CCDH) recently settled potential HIPAA violations by not having a business associate agreement in place, and paid OCR $31,000. The Illinois-based healthcare provider underwent an OCR compliance...

2017 OCR HIPAA Settlements Focus on Risk Analyses, Safeguards

by Elizabeth Snell

Maintaining PHI security must remain a top priority for covered entities and business associates year-round. Lackluster safeguards and irregular risk analyses can lead to potential data security issues, and even an OCR HIPAA settlement. With...

Judge Says HIPAA Regulations Do Not Apply in Organ Donor Case

by Elizabeth Snell

Patient records from the New York Organ Donor Network are not liable to HIPAA regulations, according to a recent New York Supreme Court ruling. A former network official claimed that four patients had not yet been declared legally dead before...

Prioritizing Healthcare Data Security in Aggregation, Sharing

by Elizabeth Snell

Data aggregation is quickly becoming a larger issue in healthcare, especially as organizations begin to switch over from fee-for-service models to value-based healthcare. As entities continue to gather, store, and transfer sensitive information,...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks