Healthcare Information Security

HIPAA Compliance

Former UPMC Worker Indicted for HIPAA Violations

by Fred Donovan

Linda Sue Kalina, a former patient information coordinator at University of Pittsburgh Medical Center (UPMC), was indicted by a federal grand jury in Pittsburgh for HIPAA violations. The Butler County resident was charged on six counts of...

AHA Urges Consumer Education on HIPAA Privacy Rule and Health Apps

by Fred Donovan

The American Hospital Association (AHA) is calling on the US federal government to develop a consumer education program to make it clear that commercial providers of health apps may not be subject to the HIPAA Privacy...

Judge Dismisses Lawsuit Charging LabCorp with HIPAA Violation

by Fred Donovan

US District Court Judge Rudolph Contreras dismissed a lawsuit by Hope Lee-Thomas accusing LabCorp of a HIPAA violation for not providing adequate privacy protections at its Providence Hospital computer intake station. Lee-Thomas argued in...

Hospital Faxes Records to Wrong Person in Apparent HIPAA Violation

by Fred Donovan

OhioHealth’s Grant Medical Center has been sending faxes with patient information to the wrong person for months in an apparent HIPAA violation, reported ABC6 in Columbus, Ohio, on June 18. The information in the faxes...

House Passes Bill to Align SUD Rules with HIPAA Privacy Rule

by Fred Donovan

By a vote of 357-57, the US House passed the Overdose Prevention and Patient Safety Act (HR 6082) on June 20, which would align privacy protections for substance use disorder (SUD) patients with the HIPAA Privacy Rule. HR 6082 would...

Common Rule’s Final Version Exempts Certain HIPAA Covered Entities

by Fred Donovan

The federal government has issued the final rule for the Federal Policy for the Protection of Human Subjects, known as the Common Rule, that allows, among other things, more secondary research of EHR data by exempting low-risk studies...

WHS Suspends Dozen Employees for Alleged HIPAA Violations

by Fred Donovan

Pennsylvania-based Washington Health System (WHS) has suspended around a dozen employees for alleged HIPAA violations involving inappropriately accessing patient records in a high-profile case, the Observer-Reporter newspaper reported June...

Judge Upholds $4.3M Fines against MD Anderson for HIPAA Violations

by Fred Donovan

An HHS Administrative Law Judge (ALJ) ruled that the University of Texas MD Anderson Cancer Center (MD Anderson) must pay $4.3 million in civil money penalties for HIPAA violations. The judge backed OCR in its proposed determination,...

OCR Guidance Tackles PHI Research Use Under HIPAA Privacy Rule

by Fred Donovan

OCR has issued new guidance on the HIPAA Privacy Rule that explains certain requirements for an authorization to use or disclose PHI for research and clarifies aspects of the individual’s right to revoke an authorization. The...

HIPAA Security Rule Risk Analysis Remains Source of Confusion

by Fred Donovan

Widespread confusion in the healthcare industry continues to persist about OCR risk analysis requirements under the HIPAA Security Rule, according to legal experts David Gacioch and Edward Zacharias of McDermott Will & Emery. Failure...

New York Suspends Nurse for HIPAA Violation Affecting 3K Patients

by Fred Donovan

The state of New York has suspended Martha Smith-Lightfoot, a former nurse at the University of Rochester Medical Center (URMC), for a HIPAA violation. Smith-Lightfoot admitted to disclosing PHI when she took a list of more than 3,000...

Did EMS Worker Commit HIPAA Violation With Facebook Post?

by Fred Donovan

Did an emergency medical services (EMS) worker in Roane County, Tennessee, commit a HIPAA violation with a Facebook post that described the peculiar location of an emergency response—a chicken coop? The EMS worker was part of a...

Why Email Failed To Replace Fax For Secure Document Exchange

by J2 Global

Sharing PHI in a HIPAA-compliant fashion using current health IT infrastructure continues to prove a pain point for covered...

Personal Injury Attorney Ads Could Raise Patient Privacy Issues

by Fred Donovan

In a new trend that could raise patient privacy concerns, personal injury attorneys and marketers are using geofencing technology to deliver targeted advertisements to patients’ mobile phones when they visit emergency rooms or...

HIPAA Security Rule Requires Physical Security of Equipment

by Fred Donovan

While most HIPAA Security Rule violations involve electronic data breaches, healthcare providers and business associates could also face a violation for failing to physically secure computers and other equipment holding PHI. The HIPAA...

Cloud Security, HIPAA Compliance Deter Hospitals from Cloud

by Fred Donovan

Cloud security, HIPAA compliance, and privacy are the three primary concerns for hospital CIOs who have considered using cloud-based applications, according to a survey of 175 healthcare IT professionals by cloud-based digital health...

Judge Upholds Doc’s Conviction for Criminal HIPAA Violation

by Fred Donovan

US District Judge Mark G. Mastroianni upheld May 16 a federal jury’s earlier conviction of Rita Luthra, a Springfield, Massachusetts-based gynecologist, for a criminal HIPAA violation and obstructing a criminal healthcare...

Steward Must Satisfy Jury Doc Got Sacked for HIPAA Violation

by Fred Donovan

A Massachusetts federal judge ruled May 16 that Boston-based Steward Healthcare System must convince a jury that it fired a psychiatrist for an alleged HIPAA violation, not in retaliation for his taking disability leave after contracting...

OCR To Share HIPAA Data Breach Settlements With Victims

by Fred Donovan

OCR is proposing to share a percentage of HIPAA data breach settlements with victims, as required by the HITECH law. In the HHS semiannual regulatory agenda, OCR said it is soliciting the public’s view on establishing a methodology...

Does EHR Patient Access Fall Short of HIPAA Compliance?

by Fred Donovan

Patients and healthcare organizations face numerous challenges when providing EHR patient access for HIPAA compliance, according to a report released May 14 by the Government Accountability Office (GAO). Among the challenges faced by...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...