Healthcare Information Security

HIPAA and Compliance News

HHS Reviews HIPAA Rules Following Hurricane Harvey

by

Healthcare providers can face numerous challenges during natural disasters, including adhering to HIPAA rules while working to provide proper patient care through an emergency. HHS recently released a bulletin to help guide covered...

AHA Urges Reduced Data Sharing Barriers in HIPAA Regulations

by

Having reduced data sharing barriers in current HIPAA regulations is just one way Congress can help reduce the regulatory burden on hospitals, health systems and patients, according to the American Hospital Association (AHA). AHA...

How HIPAA Regulations Can Ease Information Blocking

by

Even with more healthcare organizations adopting EHRs and working through the Meaningful Use program, covered entities still struggle with health information exchange. However, HIPAA regulations could be a boon to providers, according to...

Staying HIPAA Compliant in Patient Health Data Access Process

by

Last month, AHIMA released a new form designed to help both healthcare providers and patients better understand and utilize the patient health data access process. Patients have the right to their own information, but providers need to...

OCR Stresses Employee Training Need in PHI Security

by

The need for strong employee training only increases as the healthcare risk landscape grows and threatens PHI security, according to the recent OCR cybersecurity newsletter. Data security training is necessary for combatting threats such...

5 Lessons Learned in OCR HIPAA Settlements

by

Healthcare organizations cannot assume that they will never experience a data breach or data security incident. Failure to update safeguards or audit controls could also lead to an OCR HIPAA settlement, which could be paired with a high...

HHS Updates HIPAA Breach Reporting Tool, Empowers Consumers

by

The recently updated HIPAA Breach Reporting Tool (HBRT) will highlight recent healthcare data breaches and help consumers learn how such incidents are investigated, according to OCR. The agency explained in a statement that the new HBRT...

AHIMA Focuses on HIPAA Compliance in New Patient Data Form

by

AHIMA released a new form that streamlines the patient data request process and also maintains HIPAA compliance. Patient have the right to request access to their own information under HIPAA regulations, but are sometimes confused about...

HIPAA Regulations Not Applicable in TN Supreme Court Case

by

Medical authorization compliant with HIPAA regulations is not required when a pre-suit notice is sent to a single healthcare provider, according to a recent Tennessee Supreme Court ruling. In 2011, Deborah Bray filed a healthcare...

Cases Underline Audit Controls, Minimum Necessary Standard

by

Healthcare organizations of all sizes need to utilize proper audit controls to ensure that employees are remaining compliant and following proper procedure. Lacking administrative safeguards could lead to numerous types of malicious...

Implementing HIPAA Technical Safeguards for Data Security

by

The push for digital health records is not going to slow down anytime soon, and as recent cases of ransomware attacks show, healthcare organizations must create comprehensive data security measures. HIPAA technical safeguards are just one...

OCR Highlights Proper Healthcare Cyberattack Response

by

HIPAA covered entities and business associates must know the necessary steps to take following a healthcare cyberattack. Failing to either notify overseeing agencies or properly alert patients could lead to numerous issues for an...

OCR Newsletter Reviews Healthcare Cybersecurity Best Practices

by

Even the most current and comprehensive security controls cannot guarantee that PHI security will never be compromised, which is why healthcare cybersecurity best practices should be regularly reviewed. OCR’s May cybersecurity...

PHI Data Breach Leads to $387K OCR HIPAA Settlement

by

St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) settled alleged HIPAA violations from a PHI data breach by paying $387,000 in an OCR HIPAA settlement. Formerly Spencer Cox Center for Health (the Spencer Cox Center), New...

Memorial Hermann Agrees to $2.4M OCR HIPAA Settlement

by

Texas-based Memorial Hermann Health System (MHHS) recently agreed to a $2.4 million OCR HIPAA settlement following multiple allegations of inappropriate PHI disclosure. OCR conducted a compliance review after numerous media reports...

NM Supreme Court to Review Alleged HIPAA Violation Case

by

A New Mexico district court mostly denied a motion to dismiss a case alleging HIPAA violations last Friday, and the state Supreme Court will now consider HIPAA’s scope in relation to the case. District Judge Judith C....

NJ Psychologist to Fight HIPAA Violation Allegations

by

New Jersey-based psychologist Dr. Barry Helfmann has been accused of failing to prevent patient mental health diagnoses and treatment details from being released. The alleged HIPAA violations reportedly occurred when Helfmann’s...

Lack of Business Associate Agreement Equals $31K Settlement

by

The Center for Children’s Digestive Health (CCDH) recently settled potential HIPAA violations by not having a business associate agreement in place, and paid OCR $31,000. The Illinois-based healthcare provider underwent an OCR...

Mobile Security at Center of $2.5M OCR HIPAA Settlement

by

The latest OCR HIPAA settlement was the first of its kind for a wireless health services provider, following allegations of ePHI disclosure due to a stolen laptop. Pennsylvania-based CardioNet provides remote mobile monitoring of and...

2017 OCR HIPAA Settlements Focus on Risk Analyses, Safeguards

by

Maintaining PHI security must remain a top priority for covered entities and business associates year-round. Lackluster safeguards and irregular risk analyses can lead to potential data security issues, and even an OCR HIPAA...

X

SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
BYOD
Cybersecurity
Data Breaches
Ransomware

Our privacy policy


no, thanks

Continue to site...