HIPAA Compliance

NIST Seeks Feedback on Guide to Implementing HIPAA Security Rule

by Jessica Davis

NIST announced it plans to update its Introductory Resource Guide for Implementing the HIPAA Security Rule and is seeking comment from industry stakeholders on proposed changes, including insights into...

Breach Victims File Class Action Lawsuit Against Einstein Healthcare

by Jessica Davis

Einstein Healthcare Network is facing a class-action lawsuit, following the August 2020 hack of several employee email accounts. The breach victims claim the Pennsylvania-based health system failed to...

4 Healthcare Providers, Vendors Report Data Breaches From 2020

by Jessica Davis

In recent weeks, a number of HIPAA-required notifications from covered entities and business associates have reported patient data breaches that occurred in 2020: Beacon Health...

COVID-19, Info Blocking Provisions: Time for HIPAA Compliance Checkup

by Jessica Davis

The information blocking provisions of the 21st Century Cures Act officially went into effect this week, putting into focus the Department of Health and Human Services’ regulatory and compliance...

OCR Settles With NJ Specialist Over HIPAA Right of Access Failure

by Jessica Davis

The Department of Health and Human Services Office for Civil Rights announced it reached a settlement with Village Plastic Surgery (VPS) to resolve potential violations of the HIPAA right of access...

Arbour Hospital Pays OCR $65K Over HIPAA Right of Access Violation

by Jessica Davis

The Department of Health and Human Services announced it reached a $65,000 settlement with Massachusetts-based Arbour Hospital, which resolved potential violations of the HIPAA right of access...

41 States Settle with AMCA Over 2019 Data Breach Affecting 21M Patients

by Jessica Davis

The Retrieval-Masters Creditors Bureau, d/b/a American Medical Collection Agency, reached a settlement with 41 state attorneys general, which could lead to a $21 million fine, to resolve a multistate investigation...

Trillium, SIU Medicine Added to Tally of Accellion FTA Breach Victims

by Jessica Davis

Trillium Community Health Plan and the Southern Illinois University School of Medicine recently reported some of their patient data was involved in the exploit of Accellion’s File Transfer...

HHS Extends Comment Period for HIPAA Privacy Rule Changes

by Jessica Davis

The Department of Health and Human Services Office for Civil Rights announced it has extended the comment period for proposed changes to the HIPAA Privacy Rule. Proposed in December 2020, the changes...

100K Patients Impacted by Cochise Eye and Laser Ransomware Attack

by Jessica Davis

Arizona-based Cochise Eye and Laser recently notified 100,000 patients that their data was potentially compromised or deleted after a ransomware attack on January 13. The provider operates three sites...

$70K OCR Penalty for Sharp Health Over HIPAA Right of Access Failures

by Jessica Davis

California-based Sharp HealthCare, doing business as Sharp Rees-Stealy Medical Centers (SRMC), has agreed to a corrective action plan and to pay the Office for Civil Rights a $70,000 civil monetary...

Renown Health Pays OCR $75K for HIPAA Right of Access Failure

by Jessica Davis

The Office for Civil Rights reached a $75,000 civil monetary penalty and corrective action plan with Nevada-based Renown Health, to settle a potential violation of the HIPAA right of access...

Judge Dismisses Brandywine Urology Breach Lawsuit, Citing Lack of Harm

by Jessica Davis

A healthcare data breach lawsuit against Brandywine Urology Consultants has been dismissed by the Delaware Superior Court, as the victims failed to provide evidence of injuries or losses caused by the...

Cyberattack Drives Okanogan County Public Health IT System Offline

by Jessica Davis

A cyberattack on Washington’s Okanogan County government computer infrastructure has driven multiple regional offices offline, including the Public Health department, according to a news...

Insurer Pays $5.1M OCR Penalty for Data Breach Involving 9.3M Patients

by Jessica Davis

New York-based Excellus Health Plan, doing business as Excellus BlueCross BlueShield and Univera Healthcare, agreed to a $5.1 million civil monetary penalty and a corrective action plan with the...

Judge Vacates $4.3M OCR Penalty Against MD Anderson Over Data Loss

by Jessica Davis

The US Court of Appeals for the Fifth Circuit has vacated the $4.3 million civil monetary penalty against the University of Texas MD Anderson Cancer Center after two years and several lost appeals. The...

Banner Health to Pay OCR $200K for HIPAA Right of Access Failures

by Jessica Davis

The Department of Health and Human Services Office for Civil Rights reached a $200,000 civil monetary penalty and a corrective action plan with Banner Health, to resolve potential violations of the...

HIPAA Safe Harbor Bill Becomes Law; Requires HHS to Incentivize Security

by Jessica Davis

President Donald Trump officially signed HR 7898 into law on January 5. The HIPAA Safe Harbor bill amends the HITECH Act to require the Department of Health and Human Services to incentivize best...

OCR Guide on HIPAA-Compliant PHI Disclosures Via HIEs, Amid COVID-19

by Jessica Davis

The Office for Civil Rights recently released guidance for covered entities and business associates on HIPAA-permitted disclosures of protected health information through the use of health information...