Healthcare Information Security

HIPAA and Compliance News

HIPAA Minimum Necessary Standard Discussed in Hearing


The National Committee on Vital and Health Statistics’ (NCVHS) subcommittee on privacy, confidentiality, and security held a hearing last week to help the Department of Health and Human Services (HHS) develop better guidance on the HIPAA...

How Do HIPAA Rules, Patient Privacy Apply in Emergencies?


No healthcare organization wants to compromise patient privacy, and HIPAA rules were designed to ensure that this does not occur.   Covered entities of all sizes should understand how the HIPAA Privacy Rule applies in various situations....

ONC Releases Educational Videos on HIPAA Rights for Patients


In an effort to better educate individuals on HIPAA rights for patients, the Office of the National Coordinator (ONC) released a series of videos that explain the rights patients have to access their health information. Additionally, ONC revealed...

HHS Clarifies HIPAA Regulation Patient Right of Access Costs


While HIPAA regulations state that patients have a right of access to their own health information, many individuals are left wondering just how much it will cost them to view their own PHI.  Fortunately, the Department of Health and Human...

Patients Allege Genetics Company Violated HIPAA Regulations


Four patients have alleged that a genetic testing company violated HIPAA regulations after it initially refused to provide them with their complete genetic test results, reported an official press release from the American Civil Liberties Union,...

Staying HIPAA Compliant While Using Health Data Encryption


Many people may be surprised to learn that HIPAA laws do not require any specific type of health data encryption. However, regulatory updates since the Security Rule’s enactment have shown how critical HHS thinks encryption is, and for...

Congress Urged to Improve Healthcare Data Privacy Rule


The current healthcare data privacy laws of 42 CFR Part 2 (Part 2), which discuss the confidentiality of drug and alcohol treatment and prevention records, need to better align with HIPAA regulations, according to the American Hospital Association...

Earlier HIPAA Audits Help Healthcare Data Breach Prevention


Utilizing better communication, implementing a universal HIPAA audit certification system, and embracing cyber insurance are just some of the recommendations for better healthcare data breach prevention recently put forth by the Brookings Institution....

Understanding the Gray Areas in HIPAA Compliance


Several weeks have passed since the HHS Office for Civil Rights (OCR) announced the launch of phase two of its HIPAA audit program. No surprises, then, that HIPAA compliance is a topic that’s receiving a lot of attention right now....

Reviewing the HIPAA Risk Assessment Process


While the Office for Civil Rights (OCR) announced that phase two of its HIPAA audit program is underway, covered entities of all sizes and their business associates should already understand the basics of a HIPAA risk assessment. Being able to...

Using Risk Assessments, Management for OCR HIPAA Audits


There has been much discussion over the second round of OCR HIPAA audits, with covered entities of all sizes wanting to know how they can best prepare for a potential investigation. Having an updated and thorough risk management process will...

Top Tips for OCR HIPAA Audit Preparation


With the most recent round of OCR HIPAA audits announced just last month, many healthcare organizations are working to ensure that they are prepared should they be called for investigation. While the announcement should not come as a total surprise,...

OCR HIPAA Settlement Costs New York Hospital $2.2M


A recent Office of Civil Rights (OCR) HIPAA settlement agreement states a New York-based hospital must pay $2.2 million after it allowed unauthorized filming of patients, according a Department of Health and Human Services (HHS) press release....

Orthopedic Provider Agrees to $750,000 OCR HIPAA Settlement


The Raleigh Orthopaedic Clinic, P.A. of North Carolina has agreed to pay approximately $750,000 in OCR HIPAA settlement fines after an alleged healthcare data breach in 2013 involving a business associate, reported the Department of Health and...

Does HIPAA Compliance Give A False Sense of Security?


The fact that HIPAA compliance isn’t bulletproof – that cybersecurity frameworks around health information require a new level of vigilance – is now axiomatic. Perhaps owing to whatever legislative sausage-making gave birth...

Why It’s Important to Define Business Associate Agreements


In the healthcare industry, there is often so much that needs to be accomplished that one single hospital or clinic cannot do it alone, which is why they often enlist the help of business associates. As a way to protect any sensitive health information...

Why Healthcare Ransomware Attacks Are HIPAA Data Breaches


In a recent issue of Forbes magazine, author Dan Munro asks the question, “Is Ransomware Considered a Health Data Breach Under HIPAA?”  In developing the answer to that question, Dan speaks with experts in the healthcare and...

HIPAA Compliance Knowledge Growing Amongst Healthcare Pros


Healthcare organizations are doing more to remain HIPAA compliant compared to two years ago, says NueMD’s 2016 HIPAA Survey Update. The survey looked at HIPAA compliance trends amongst 927 healthcare professionals as a follow-up to a similar...

Top 5 Things to Remember About OCR HIPAA Audits


With the second round of the OCR HIPAA audits set to start soon, it is essential that covered entities and business associates of all sizes ensure that they are HIPAA compliant and ready for a potential investigation. Organizations’ processes,...

OCR Releases Details of Phase 2 HIPAA Audits Starting Soon


The Office of Civil Rights (OCR) has announced Phase 2 of its HIPAA audits, according to a public announcement. The agency, which is a part of the Department of Health & Human Services, will be conducting these audits in an effort to keep...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks