Healthcare Information Security

OCR HIPAA Audits

OCR Fines Florida Physicians Group $500,000 for HIPAA Failures

December 4, 2018 - Florida-based Advanced Care Hospitalists was fined $500,000 by the Office for Civil Rights for multiple HIPAA compliance failures, including sharing protected health information with an unknown vendor. According to officials, ACH contracted with an individual that claimed to be part of a company called Doctor’s First Choice Billings from November 2011 and June 2012. They provided...


More Articles

Arizona MCOs Fail OIG Security Audit, Putting Medicaid Data at Risk

by Jessica Davis

A Department of Health and Human Service Office of Inspector General audit of two Arizona Managed Care Organizations found significant, security vulnerabilities in its information systems, which call into question the integrity of the...

Gap Analysis Not Enough for HIPAA Security Rule, Says OCR

by Fred Donovan

A gap analysis can be used to discover where problems exist in securing electronic protected health information (ePHI), but it is not a substitute for a comprehensive risk analysis required by the HIPAA Security Rule, the Office for Civil...

HIPAA Compliance Gap Between Compliance Officers, Regulators

by Fred Donovan

There is a large gap between the priorities of healthcare compliance officers and regulators when it comes to HIPAA compliance, according to a survey of 388 healthcare organizations by SAI Global and Strategic Management...

Timothy Noonan Named OCR Acting Deputy Director

by Elizabeth Snell

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently named Timothy Noonan as the new OCR acting deputy director for health information privacy (HIP). Noonan has been in the position since January 29,...

Memorial Hermann Agrees to $2.4M OCR HIPAA Settlement

by Elizabeth Snell

Texas-based Memorial Hermann Health System (MHHS) recently agreed to a $2.4 million OCR HIPAA settlement following multiple allegations of inappropriate PHI disclosure. OCR conducted a compliance review after numerous media reports...

2017 OCR HIPAA Settlements Focus on Risk Analyses, Safeguards

by Elizabeth Snell

Maintaining PHI security must remain a top priority for covered entities and business associates year-round. Lackluster safeguards and irregular risk analyses can lead to potential data security issues, and even an OCR HIPAA...

Health Center Agrees to $400K OCR HIPAA Settlement

by Elizabeth Snell

Failing to conduct a risk analysis and not implementing a corresponding risk management plan to address found risks and vulnerabilities were part of the reasoning behind the latest OCR HIPAA settlement. Metro Community Provider...

Expanding Beyond HIPAA Audit Prep for Information Governance

by Elizabeth Snell

Earlier this month, the American Health Information Management Association (AHIMA) published its newest toolkit to assist organizations in preparing for HIPAA audits. The “External HIPAA Audit Readiness Toolkit”...

$2.2M OCR HIPAA Settlement Highlights ePHI Safeguard Need

by Elizabeth Snell

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced a HIPAA settlement stemming from allegations of a lack of ePHI safeguards. MAPFRE Life Insurance Company of Puerto Rico (MAPFRE) agreed to...

OCR ‘Laser Focused’ on HIPAA Violation Complaints, Enforcement

by Elizabeth Snell

While 2015 and 2016 saw the Office for Civil Rights (OCR) enter into a record number of settlement agreements, most of its received complaints do not involve an alleged HIPAA violation, according to HHS Director Jocelyn Samuels....

Why Latest OCR HIPAA Audits are About Compliance, Action

by Elizabeth Snell

The Office for Civil Rights (OCR) announced the second round of its HIPAA audit program on July 11, 2016, sending out notification emails to 167 covered entities. The desk audits will review how healthcare organizations adhere to the HIPAA...

OCR Aims to Improve Smaller Data Breach Investigation Process

by Elizabeth Snell

Starting in August 2016, the Office for Civil Rights (OCR) will start an initiative to better investigate smaller data breaches. The data breach investigation process will look further into the root causes of incidents affecting fewer than...

OCR Clarifies HIPAA Desk Audits, Unique Device Identifiers

by Elizabeth Snell

With the Office for Civil Rights (OCR) announcing the HIPAA desk audits earlier this month, the Department of Health and Human Services (HHS) wanted to ensure that covered entities fully understand the process and how it will potentially...

Latest Round of OCR HIPAA Audits Not a Reason for Panic

by Elizabeth Snell

The second round of the OCR HIPAA audits is officially underway, with desk audits being announced in July 2016. Notification letters were sent out to 167 covered entities on Monday, July 11, that they had been selected for the desk audit...

Desk Audits Begin for OCR Phase Two HIPAA Audits

by Elizabeth Snell

The Office for Civil Rights (OCR) officially launched phase two of its HIPAA audit program earlier this week, sending out notification letters to selected covered entities. The letters were sent out on July 11, according to an OCR email,...

Ensuring HIPAA Compliance Before a Potential HIPAA Audit

by Clyde Bennett of Aldridge Health

Businesses and healthcare providers are facing increasing pressure to meet and maintain HIPAA compliance standards. The Office for Civil Rights (OCR) announced it will be performing a new round of random audits throughout 2016. Before...

Business Associate Agrees to $650K OCR HIPAA Settlement

by Elizabeth Snell

The latest OCR HIPAA settlement further underscores that business associates (BAs) need to ensure that they are adhering to the same data security standards as covered entities. Catholic Health Care Services of the Archdiocese of...

OCR HIPAA Settlements Highlight PHI Disclosure, Compliance

by Elizabeth Snell

Understanding the proper safeguards when it comes to HIPAA compliance, following proper PHI disclosure methods, and implementing comprehensive business associate agreements are all key areas to keeping data secure, according to the 2016...

Earlier HIPAA Audits Help Healthcare Data Breach Prevention

by Elizabeth Snell

Utilizing better communication, implementing a universal HIPAA audit certification system, and embracing cyber insurance are just some of the recommendations for better healthcare data breach prevention recently put forth by the Brookings...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...