Healthcare Information Security

HIPAA covered entities

Judge Says HIPAA Regulations Do Not Apply in Organ Donor Case

April 20, 2017 - Patient records from the New York Organ Donor Network are not liable to HIPAA regulations, according to a recent New York Supreme Court ruling. A former network official claimed that four patients had not yet been declared legally dead before their organs were harvested, and had argued that the records in question were protected under HIPAA. Plaintiff Patrick McMahon also claimed that he had...

More Articles

Lawsuit Filed to Avoid Potential Health Data Exposure Fines

by Elizabeth Snell

A Wisconsin-based publishing company recently filed a lawsuit claiming that it is being exposed to potential liability for unauthorized exposure of individuals’ personal health data. The concern over possible health information exposure...

Addressing FTC Jurisdiction Over HIPAA Covered Entities

by Elizabeth Snell

With the FTC recently releasing guidance on how HIPAA covered entities must adhere to the FTC Act in addition to HIPAA regulations, it is essential for healthcare organizations to be aware of the potential consequences for not doing so. When...

ONC Joint HIT Committee Discusses HIPAA Regulation Report

by Elizabeth Snell

Consumers falsely believing that their PHI is protected under HIPAA regulations, and an overall lack of clear rules as to how non-HIPAA covered entities handle sensitive information is a problem for overall economic growth, according to ONC Chief...

ONC Report Highlights PHI Security Gaps in non-HIPAA Entities

by Elizabeth Snell

The increase in certain technologies that collect and potentially share individuals’ health information, such as wearables and fitness trackers, could create issues when it comes to PHI security, according to the Office of the National...

Understanding the Gray Areas in HIPAA Compliance

by Gene Fry of Scrypt

Several weeks have passed since the HHS Office for Civil Rights (OCR) announced the launch of phase two of its HIPAA audit program. No surprises, then, that HIPAA compliance is a topic that’s receiving a lot of attention right now....

Lawsuit Claims Facebook Compromises Patient Privacy

by Elizabeth Snell

Facebook violated patient privacy as it relayed certain private health information from cancer institute websites to increase its advertising profits, according to a recent class action lawsuit filed in California. Lead plaintiff Winston Smith...

$25K OCR HIPAA Settlement for Physical Therapy Provider

by Elizabeth Snell

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) agreed to a HIPAA settlement with Complete P.T., Pool & Land Physical Therapy, Inc. after alleged violations that the physical therapy provider potentially exposed...

Reviewing HIPAA Compliance Enforcement Actions

by Elizabeth Snell

With the next round of OCR HIPAA audits reportedly set to take place next year, no healthcare organization can assume that it will not be affected. To the same effect, business associates must also ensure that they are in full HIPAA compliance....

Breaking Down HIPAA Regulations in Emergencies

by Elizabeth Snell

While HIPAA regulations are something that all covered entities need to incorporate in daily operations, it is not always simple to understand how those federal regulations apply to certain situations. For example, when there is potentially a...

Notice of Privacy Practices for PHI: Breaking Down HIPAA

by Elizabeth Snell

A notice of privacy practices (NPP) for PHI is a critical part of the HIPAA Privacy Rule that covered entities of all sizes need to understand. This piece of communication is also essential for the relationship between a health plan or provider...

Breaking Down the HIPAA Administrative Simplification Rules

by Elizabeth Snell

The HIPAA Administrative Simplification Rules are an important aspect of HIPAA operating rules and standards. These provisions required the Department of Health and Human Services (HHS) to not only adopt national standards for certain types of...

Reminders for HIPAA Compliance with Business Associates

by Elizabeth Snell

Maintaining HIPAA compliance is clearly a top priority for covered entities. With technology evolving, third-party partnerships are also becoming more common, which means that more healthcare organizations are likely working with business associates....

Majority of Providers Confident in HIPAA Compliance Policies

by Elizabeth Snell

Even with recently large-scale health data breaches being announced, the majority of healthcare providers report that they are confident in their own HIPAA compliance policies, according to a recent survey by Scrypt. A total of 769 healthcare...

How Do HIPAA Regulations Affect Judicial Proceedings?

by Elizabeth Snell

HIPAA regulations are designed to keep healthcare organizations compliant, ensuring that sensitive data - such as patient PHI - stays secure. Should a healthcare data breach occur, covered entities or their business associates will be held accountable,...

How to Implement Strong HIPAA Technical Safeguards

by Elizabeth Snell

Having strong HIPAA technical safeguards is essential for healthcare organizations of all sizes. However, it is also critical that those safeguards are not the only data security measure that covered entities rely on to keep data protected. Jeffrey...

How Do HIPAA Regulations Affect Workplace Wellness Programs?

by Elizabeth Snell

The Department of Health and Human Services (HHS) recently posted clarification for how HIPAA regulations would potentially apply to workplace wellness programs. With the Equal Employment Opportunity Commission (EEOC) also publishing a proposed...

Breaking Down HIPAA Rules and Regulations: Business Associates

by Stephanie Reardon

As healthcare providers strive to meet new mandates and reach new quality of care goals, they should always keep HIPAA rules and regulations in mind. The tangle of changes and multiple impacts to the workings of healthcare facilities can be...

Are You Ready for the HIPAA Breach Notification Deadline?

by Elizabeth Snell

Covered entities (CEs) that experienced a data breach in 2014 that affected fewer than 500 people have an important HIPAA breach notification deadline approaching: March 1. That is the deadline that those organizations must notify the Department...

Should More Patients Worry About Healthcare Data Security?

by Elizabeth Snell

An organization should always have the state of its healthcare data security as a top priority. Especially as technology evolves and more facilities connect to HIEs, implement new EHRs and potentially even consider telehealth, it is essential...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks