Healthcare Information Security

HIPAA and Compliance News

Anthem to Pay Record $16M for HIPAA Violations Exposing 79M Records

October 16, 2018 - Anthem has agreed to pay a record $16 million, almost three times the previous highest HIPAA penalty, and to take correct actions to settle HIPAA violations that exposed the ePHI of close to 79 million people, OCR announced Oct. 15. “The largest health data breach in U.S. history fully merits the largest HIPAA settlement in history,” said OCR Director Roger Severino in...


Articles

Azar Issues 2nd HIPAA Privacy Rule Waiver in As Many Months

by

As in the case of Hurricane Florence, HHS Secretary Alex Azar has waived sanctions and penalties under certain HIPAA Privacy Rule provisions for areas impacted by Hurricane Michael. The waiver is intended to enable greater information...

Aetna Reaches Settlements with State AGs Over HIPAA Violations

by

Health insurer Aetna has reached settlements with a number of state attorney generals over HIPAA violations resulting from mailings to HIV/AIDS and cardiac patients, the New Jersey attorney general announced Oct. 10. The three states and...

Hospitals Fail at HIPAA Compliance Re Medical Records Requests

by

Many hospitals failed at HIPAA compliance in response to simulated patients’ requests for medical records, according to a study by Yale researchers published in the JAMA Network Open. The researchers surveyed 83 top-ranked US...

Iowa County Government Employee Alleges HIPAA Violation

by

An employee of the Iowa’s Mahaska County government alleged that another employee committed a HIPAA violation when she locked a member of the public inside a building where files containing PHI were stored unsecured, the...

Congress Urged To Align 42 CFR Part 2 With HIPAA Privacy Rule

by

The Partnership to Amend 42 CFR Part 2 is urging Congress to include the Overdose Prevention and Patient Safety Act (HR 6082), which would align 42 CFR Part 2 with the HIPAA Privacy Rule, in compromise opioid legislation that the House and...

UMass Memorial to Pay $230,000 for Healthcare Data Breaches

by

UMass Memorial healthcare entities have agreed to pay $230,000 to the state of Massachusetts to resolve claims that two separate healthcare data breaches exposed PHI of more than 15,000 state residents. The lawsuit by the Massachusetts...

MA Physician Gets 1-Year Probation for Criminal HIPAA Violation

by

Rita Luthra, a Springfield, MA-based gynecologist, was sentenced Sept. 19 to one-year probation for a criminal HIPAA violation and obstruction of a criminal healthcare investigation. In April, a jury convicted her of allowing a...

Boston Hospitals Cough Up $1M for ‘Boston Trauma’ HIPAA Violations

by

OCR announced Sept. 20 that it has fined three Boston-area hospitals close to $1 million for HIPAA violations involving the filming of ABC’s TV series “Save My Life: Boston Trauma.”* OCR reached HIPAA settlements with...

Azar Waives HIPAA Privacy Rule Sanctions for Hurricane Response

by

HHS Secretary Alex Azar has waived sanctions and penalties under certain HIPAA Privacy Rule provisions that apply to hospitals to enable greater sharing of information in response to Hurricane Florence making landfall on the East...

Bill Would Exempt HIPAA Covered Entities from California Privacy Law

by

The California legislature has passed amendments to the sweeping California Consumer Privacy Act that would, among other changes, exempt HIPAA covered entities and business associates from the state law’s requirements. It would also...

Arc of Erie County Hit With $200K Fine for HIPAA Violation

by

The New York Attorney General has levied a $200,000 fine on Arc of Erie County for a HIPAA violation that exposed ePHI on 3,751 clients. The Buffalo-based nonprofit, which provides services to people with developmental disabilities,...

New PCORI Policy Has Data Rules In Line with HIPAA Regulations

by

A new data sharing policy adopted by the Patient-Centered Outcomes Research Institute (PCORI) stipulates that all personally identifiable health information must be deidentified in accordance with HIPAA regulations. On Sept. 7, the PCORI...

HIPAA Privacy Rule Can Be Tool for Health Information Exchange

by

Rather than being a barrier to information sharing and interoperability, the HIPAA Privacy Rule can be seen as a tool to facilitate health information exchange and flow across the health ecosystem, argued OCR and ONC in an Aug. 30 blog...

Oklahoma Hospital Sued for Alleged HIPAA Violation Over Drowning

by

McAlester Regional Health Center (MRHC) in Oklahoma is being sued for an alleged HIPAA violation for sharing information on a boy’s drowning with his biological mother, reported the Pauls Valley Democrat newspaper on Aug. 23. The...

OCR Levies Close to $80M in HIPAA Privacy Rule Fines

by

OCR has assessed close to $80 million in fines in 55 cases of HIPAA Privacy Rule violations since the rule took effect in April 2003, according to data on the HHS website. OCR has received 184,614 HIPAA complaints and has initiated 902...

Oklahoma Government in Row Over Alleged HIPAA Violation

by

Two branches of Oklahoma’s government are embroiled in a controversy over whether the Oklahoma Department of Veterans Affairs committed a HIPAA violation when it allowed VA medical aides to access patient medical records using their...

HIPAA Security Rule Requires Secure Disposal of ePHI-Laden Devices

by

The HIPAA Security Rule requires HIPAA covered entities and business associates to implement policies and procedures regarding the secure disposal and re-use of electronic devices and media containing ePHI so that ePHI cannot be retrieved,...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy

no, thanks