Healthcare Information Security

HIPAA and Compliance News

Notice of Privacy Practices for PHI: Breaking Down HIPAA


A notice of privacy practices (NPP) for PHI is a critical part of the HIPAA Privacy Rule that covered entities of all sizes need to understand. This piece of communication is also essential for the relationship between a health plan or...

Ind. Practice Fined $750K in OCR HIPAA Settlement


An Indiana radiation oncology practice agreed to a HIPAA settlement of $750,000 with the Office for Civil Rights (OCR) after alleged HIPAA violations from a 2012 incident. Cancer Care Group, P.C. notified OCR on August 29, 2012 of an...

HIPAA Compliance, Data Breaches Top Summer Stories


The health data security world is constantly changing, as technology evolves and healthcare organizations work to maintain HIPAA compliance and keep pace with potential threat factors. The past few months have further proven that fact, and...

Breaking Down the HIPAA Administrative Simplification Rules


The HIPAA Administrative Simplification Rules are an important aspect of HIPAA operating rules and standards. These provisions required the Department of Health and Human Services (HHS) to not only adopt national standards for certain...

Reminders for HIPAA Compliance with Business Associates


Maintaining HIPAA compliance is clearly a top priority for covered entities. With technology evolving, third-party partnerships are also becoming more common, which means that more healthcare organizations are likely working with business...

Majority of Providers Confident in HIPAA Compliance Policies


Even with recently large-scale health data breaches being announced, the majority of healthcare providers report that they are confident in their own HIPAA compliance policies, according to a recent survey by Scrypt. A total of 769...

Reminders on HIPAA Enforcement: Breaking Down HIPAA Rules


HIPAA enforcement is an important aspect of The HIPAA Privacy Rule, and also one that no covered entity actually wants to be a part of. However, it is essential that healthcare organizations of all sizes understand the implications of an...

HHS Releases Overview on HIPAA Regulations


The Department of Health and Human Services (HHS) recently released an overview of the basics of HIPAA regulations, and what covered entities must keep in mind as they work toward remaining compliant. The HHS guidance discusses the HIPAA...

How Do HIPAA Regulations Affect Judicial Proceedings?


HIPAA regulations are designed to keep healthcare organizations compliant, ensuring that sensitive data - such as patient PHI - stays secure. Should a healthcare data breach occur, covered entities or their business associates will be held...

How to Implement Strong HIPAA Technical Safeguards


Having strong HIPAA technical safeguards is essential for healthcare organizations of all sizes. However, it is also critical that those safeguards are not the only data security measure that covered entities rely on to keep data...

How the Patient Safety Rule Ties into HIPAA Regulations


There are many essential aspects to HIPAA regulations, and how covered entities and their business associates must work to remain compliant. The Patient Safety and Quality Improvement Act of 2005 (PSQIA) is another important regulation to...

No HIPAA Violation for Employees Retaining PHI, Says Court


Former hospital employees who retained PHI following their termination at an Arkansas hospital did not commit a HIPAA violation, according to an Arkansas court decision. Pam Howard previously worked at the Division of General Surgery of...

AHA: Prohibit Health Plan Identifiers in HIPAA Transactions


The Department of Health and Human Services (HHS) should prohibit Health Plan Identifiers (HPID) and Other Entity Identifiers (OEID) when used within a HIPAA transaction, according to the American Hospital Association (AHA). The AHA...

HIPAA Regulations Not Data Exchange Barrier, Says Halamka


HIPAA regulations can sometimes be used as an excuse for why healthcare organizations are unable to exchange information. Digital health information and health data sharing are increasingly necessary for the changing healthcare...

A Review of Common HIPAA Administrative Safeguards


HIPAA administrative safeguards are a critical piece to the larger health data security puzzle that all covered entities must put together. The three types of safeguards are not only a federal requirement, but they all play an important...

Potential HIPAA Violations Found in LA County DPH Audit


An IT security audit at the L.A. County Department of Health (DPH) revealed potential HIPAA violations, and that there are several areas of improvement for DPH. There need to be better system access controls, IT equipment control, and...

NY Cancer Institute ePHI Security Audit Shows Proper Policies


An ePHI security audit of the Roswell Park Cancer Institute found that the organization has a strong information security program, but could still improve in its risk assessment ability, ePHI access controls, and certain technical...

Mass. Hospital Hit With $200K OCR HIPAA Settlement


A Massachusetts hospital was fined $218,400 in a HIPAA settlement, according to a statement from the Department of Health and Human Services (HHS) Office for Civil Rights (OCR). Brighton, Massachusetts-based St. Elizabeth’s Medical...

A Review of Common HIPAA Physical Safeguards


HIPAA physical safeguards are an essential aspect to any covered entity’s PHI security, but could easily be overlooked. Technical safeguards and administrative safeguards could easily be pushed to the forefront of a covered...

Business Associates Benefit From HITRUST Program Expansion


The HIPAA Omnibus Rule requires that healthcare business associates adhere to HIPAA, and covered entities need to ensure that those third-parties remain diligent in their data security measures. In an effort to improve the relationship...


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...