Healthcare Information Security

HIPAA and Compliance News

Are Better HIPAA Guidelines Needed for Health Apps, Devices?


The recent OCR HIPAA guidelines discussing patient access to health records is a positive step forward, according to one association, but more needs to be done to ensure better regulations for health apps and device companies. ACT | The...

HHS Releases Patient Right of Access Under HIPAA Fact Sheet


Earlier this week the Department of Health and Human Services (HHS) released a fact sheet outlining important points in HIPAA regulations about patient right of access to their own health information. Office for Civil Rights (OCR)...

FAS Discusses Federal and State Data Breach, Security Laws


It seems as though 2015 was the year of the data breach, especially in the healthcare industry. As a means to regulate these data breaches and ensure adequate notification to individuals whose information had been compromised, several...

HIPAA Privacy Rule Changes Proposed for Background Checks


The Department of Health and Human Services (HHS) announced potential modifications to the HIPAA Privacy Rule in an effort to improve the background check process individuals go through in order to purchase a firearm.   Under the...

How Administrative Safeguards Can Prevent Data Breaches


Preventing healthcare data breaches is a common goal for covered entities of all sizes. It can be easy to let the importance of administrative safeguards fall behind other areas, such as concerns over hacking and stolen devices, but...

Lessons Learned From the 2015 OCR HIPAA Settlements


Maintaining HIPAA compliance should always be a top priority for covered entities and their business associates, but this is not always a simple feat to accomplish. The 2015 OCR HIPAA settlements are all examples of how a seemingly...

Stage 3 Meaningful Use Overlaps With HIPAA, CHIME Says


Stage 3 Meaningful Use requirements are burdensome, and more time is needed for healthcare providers to properly adjust, the College of Healthcare Information Management Executives (CHIME) said in a recent letter to the Centers for...

Lack of Risk Assessment Key in UWM $750K HIPAA Settlement


The University of Washington Medicine (UWM) recently agreed to a $750,000 fine as part of a HIPAA settlement, which was the result of a 2013 incident. UWM filed a breach report to OCR November 27, 2013, where an email containing...

Lawyers Break Down 2016 HIPAA Audits, Connected Devices


The increase in connected medical devices and the reportedly upcoming second round of OCR HIPAA audits are some of the top areas to watch next year in terms of healthcare data privacy and security, according to lawyers who specialize in...

State HIPAA Settlement Reached in URMC Data Breach Case


New York Attorney General Eric T. Schneiderman reached a HIPAA settlement with the University of Rochester Medical Center (URMC), following a healthcare data breach from last spring that compromised approximately 3,400 patients’ PHI....

Lahey Hospital Agrees to $850K OCR HIPAA Settlement


Lahey Clinic Hospital, Inc. (Lahey) agreed to an OCR HIPAA settlement that stemmed from a 2011 incident where an unencrypted laptop was stolen, potentially compromising the PHI of 599 individuals. Lahey was fined $850,000 as part of the...

The OCR HIPAA Compliance Audits Procedure: A Review


The Department of Health & Human Services (HHS) Office for Civil Rights (OCR) has reportedly begun to implement its next round of HIPAA compliance audits, set to take place in the early part of 2016. Earlier this week,...

Reviewing HIPAA Compliance Enforcement Actions


With the next round of OCR HIPAA audits reportedly set to take place next year, no healthcare organization can assume that it will not be affected. To the same effect, business associates must also ensure that they are in full HIPAA...

PHI Data Breach Leads to $90K Agreement for Conn. Hospital


A PHI data breach that took place in 2012 recently resulted in a Connecticut hospital and one of its contractors having to pay $90,000 to the state. Hartford Hospital and EMC Corporation both signed an agreement saying they would pay the...

AHA Discusses Mental Health Legislation, HIPAA Regulations


The American Health Association (AHA) recently announced its support of mental health legislation that would potentially affect current HIPAA regulations and also allow states to use federal Medicaid funds to cover services for adults in...

Is Patient Privacy Violated When Docs Take Patient Data?


Instances of healthcare professionals taking patient information with them as they change practices is becoming a prevalent issue with patient privacy. Earlier this month, a lawsuit was filed in Fresno, California challenging this very...

OCR HIPAA Privacy, Security Platform Launched for Developers


The US Department of Health and Human Services Office for Civil Rights (OCR) recently launched a portal designed for health application developers, so that they can learn more about HIPAA Privacy and Security issues. As more organizations...

How Do HIPAA Regulations Apply After Death?


HIPAA regulations help ensure that covered entities and business associates put in the necessary safeguards to keep individuals sensitive medical information secure. But what happens after a patient passes away? Are healthcare providers...

Study Shows OCR HIPAA Compliance, Breach Recovery Lacking


The Office for Civil Rights (OCR) has room for improvement in several health data security areas, including its HIPAA compliance and ability to follow up on PHI data breaches, according to two separate reports from the Office of Inspector...

Alleged HIPAA Violations in Lawsuit Against D.C. Hospitals


A class-action lawsuit has been filed against MedStar Georgetown University Hospital and George Washington University Hospital for potential HIPAA violations related to patients being able to receive copies of their medical records. Four...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...