Healthcare Information Security

HIPAA and Compliance News

HIPAA Violation Leads to Probation for Radiologist


An Ohio radiologist is facing disciplinary actions from the state medical board after she reportedly committed a HIPAA violation. Dr. Aimee Hawley unlawfully accessed a colleague’s medical record, according to a DOTmed News article,...

What Happens in HIPAA Audits: Breaking Down HIPAA Rules


HIPAA audits are something that covered entities of all sizes must be prepared to potentially go through. As technology continues to evolve, facilities need to ensure that they are maintaining PHI security and understand how best to keep...

Breaking Down PHI Security Breaches and Their Impact


With another large health data breach being announced this week, it is essential that covered entities of all sizes understand the intricacies of PHI security. However, there is an important distinction in types of data that healthcare...

Accidental and Unauthorized Emails Create PHI Security Issues


No covered entity wants to notify patients of a potential PHI security incident, yet even with the appropriate safeguards in place, problems could still occur. When this happens, it is important to properly notify potentially affected...

Judge Disagrees With Employee Firing Over HIPAA Violation


A Montana judge recently ruled that a healthcare employee’s HIPAA violation did not preclude her from protection under the National Labor Relations Act (NLRA). The employee had accessed personal information on coworkers for her...

How Will New Research Bill Affect HIPAA Regulations?


A proposed health research bill could potentially affect the current HIPAA regulations, as it would allow covered entities or business associates to use or disclose PHI for research purposes without patient consent. Called 21st Century...

Phishing Scams: HIPAA Technical or Administrative Safeguard?


Phishing scams are not a new threat to the healthcare industry, but as other data security threats have evolved over time, so have phishing approaches. Early on, individuals might have gotten emails from someone claiming to be a prince...

Healthcare Authentication Factors: Breaking Down HIPAA


Strong technical safeguards are essential for covered entities, regardless of their size, and the right healthcare authentication factors are a critical aspect of those safeguards. Locking down end users, and maintaining technical...

Why Phishing Scams Cannot Be Ignored by Healthcare Entities


Phishing scams are not a new security threat to the healthcare industry, but that does not mean that covered entities should not consider them when working to prevent data breaches. As technology evolves, it becomes more important for...

How Do HIPAA Regulations Affect Workplace Wellness Programs?


The Department of Health and Human Services (HHS) recently posted clarification for how HIPAA regulations would potentially apply to workplace wellness programs. With the Equal Employment Opportunity Commission (EEOC) also publishing a...

Is Healthcare Improving Data Breach Prevention Measures?


Healthcare data breach prevention measures are essential in today’s industry, especially as technology continues to evolve and more facilities begin to connect to other networks. Secure data sharing is more prevalent, and organizations...

OCR HIPAA Settlement Costs Cornell $125K


The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) announced earlier this week that it hand handed a $125,000 HIPAA settlement fine to Cornell Prescription Pharmacy (Cornell). In addition to the fine, Cornell...

How Rush Medical Stays HIPAA Compliant, Uses Cybersecurity


Staying HIPAA compliant is not always an easy task, especially as new technological options develop, such as cloud computing, mobile devices, and EMRs. Rush University Medical Center has altered its cybersecurity measures over the last...

Stage 3 Meaningful Use: Breaking Down HIPAA Rules


CMS released its Stage 3 Meaningful Use proposal last month, with numerous aspects that covered entities (CEs) need to be aware of and pay attention to. While the proposal has a large focus on EHR interoperability, it continues to build on...

HIPAA Business Associate Agreements Broken Down at HIMSS15


HIPAA business associate agreements are an important aspect of the HITECH Act and the Omnibus Rule, and covered entities need to understand how their relationships with business associates have changed. When it comes to risk assessments,...

Why Understanding HIPAA Rules Will Help With ONC Certification


Understanding HIPAA rules will have far reaching benefits for covered entities. Not only will they be compliant in terms of keeping patient PHI secure, but it will also ensure that those facilities are able to adhere to other federal...

Is the HIPAA Security Rule Doing Enough for Healthcare?


The HIPAA Security Rule created a national set of security standards designed to protect certain health information, either held or transferred in electronic form. However, technology has continued to evolve, and one healthcare security...

ONC’s Lucia Savage Dissects Health IT Privacy, Security Guide


The Office of the National Coordinator (ONC) released the updated version of its health IT privacy and security guide last week, as a way to highlight “practical information that accurately reflects the guidance that is in the current...

HIMSS15 Leaders Focus on Healthcare Privacy, HIPAA Rules


HIMSS15 took place this week in Chicago, and some of the highly discussed topics included healthcare privacy and security issues, such as HIPAA regulations. With more providers implementing EHRs, HIEs, and other forms of technology,...

HITRUST Discusses Cybersecurity Threats, Risk Assessments


Cybersecurity threats are an increasingly important issue in the healthcare industry, especially as incidents such as the Anthem and Premera data breaches show that organizations of any size could be a target. That is part of the reason...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks