Healthcare Information Security

HIPAA and Compliance News

Filefax PHI Disclosure Leads to $100K OCR HIPAA Settlement

Filefax, Inc. went out of business in 2017, but that does not mean that an OCR HIPAA settlement can be avoided due to an earlier PHI disclosure, according to OCR. A company that was appointed as a receiver to liquidate Filefax’s...

5 HIPAA Data Breaches Lead to $3.5M OCR Settlement

Fresenius Medical Care North America (FMCNA) recently agreed to a $3.5 million OCR settlement following allegations that it committed HIPAA violations on five different occasions at separate FMCNA covered entities. FMCNA provides product...

Why Providers Need a Disaster Recovery Plan for EHR Security

Whether healthcare providers are working to prepare for potential natural disasters like hurricanes or manmade cybersecurity issues (e.g., ransomware attacks, insider data breaches), having a disaster recovery plan is essential. Entities...

What Precedent Will Be Set in CareFirst Data Breach Case?

The floodgates could potentially be opened for “no-injury class actions arising from virtually every data breach” if the US Supreme Court does not reaffirm the Washington DC circuit court’s decision with the CareFirst...

Amazon HIPAA Compliance Lead Search Indicates Healthcare Focus

An Amazon job posting for a HIPAA Compliance Lead potentially indicates that the technology company is looking to expand into the healthcare space. The individual hired for the healthcare privacy and security position will help Amazon in...

CT Supreme Court Rules Patients Can Sue Over PHI Disclosure

There is a duty of confidentiality between a physician and patient, and patients have the right to sue should unauthorized PHI disclosure take place, according to the Connecticut Supreme Court. In Byrne v. Avery Center for Obstetrics...

Secure Data Exchange Part of ONC Trusted Exchange Framework Draft

ONC issued a Trusted Exchange Framework and Common Agreement draft last week, which is part of the requirements under the 21st Century Cures Act. Ensuring secure data exchange is a key aspect of nationwide interoperability, along with...

Maintain HIPAA Safeguards, Healthcare Cybersecurity on Vacation

Healthcare organizations must ensure their staff members take proper cybersecurity precautions, including maintaining HIPAA safeguards, when they are gone for extended periods of time, according to the OCR December 2017 Cybersecurity...

OCR Reiterates HIPAA Guidance for Opioid Crisis Response

OCR recently discussed its current tools and initiatives in place to help organizations face the opioid crisis, touching on HIPAA guidance and how the agency is implementing the 21st Century Cures Act. OCR launched two new webpages...

$2.3M OCR Settlement Reached for 21st Century Oncology Data Breach

Cancer care services provider 21st Century Oncology (21CO) recently agreed to a $2.3 million OCR settlement, following a 2015 data breach. OCR found in its investigation that 21CO impermissibly disclosed the PHI of 2,213,597 of its...

Understanding HIPAA Data Sharing Policies for Better Patient Care

Access to electronic health data can help public health agencies work toward improving patient care and addressing community health challenges, according to recent research. However, confusion over HIPAA data sharing policies and how...

How HIPAA Information Sharing Regulations Impact the Opioid Crisis

With the opioid crisis recently declared a nationwide public health emergency, OCR issued guidance on how HIPAA regulations allow providers to participate in information sharing in an effort to improve patient care. There are often...

AHIMA: Patient Data Access Through Patient Portals Increases

Eighty-two percent of consumers took advantage of patient data access through a patient portal in 2016, an increase from less than 5 percent who did so in 2013, according to a study from the American Health Information Management...

73 Percent of Medical Professionals Share Passwords for EHR Access

A recent study examined the prevalence of password sharing among healthcare providers and found nearly three-quarters of surveyed medical professionals have used another staff member’s password to obtain EHR access at work. The...

Reviewing OCR HIPAA Guidance to Maintain Compliance

Covered entities should not be afraid to regularly review OCR HIPAA guidance and ensure that they remain compliant, even as they add new technologies into the daily workflow, according to OCR Senior Advisor for HIPAA Compliance and...

How HIPAA Rules Apply with Law Enforcement Investigations

HIPAA rules are meant to protect patient information, but what happens when there is a law enforcement investigation? Are police officers allowed to demand PHI without a warrant? That issue was brought forth in August 2017 when video was...

Mount Sinai St. Luke’s Sued Following HIPAA Violation

New York-based Mount Sinai St. Luke’s Hospital is being sued for faxing patient PHI to the patient’s employer, a reported HIPAA violation that has already resulted in an OCR HIPAA settlement. The Law Offices of Jeffrey...

OCR Urges Disaster Recovery, Health Data Backup in Storm Prep

As healthcare organizations prepare for potential natural disasters, it is essential that they have contingency plans in place that include a data backup plan and disaster recovery plan, according to a recent OCR release. Hurricane Irma...

Kentucky HIPAA Violation Case Ruling Held by Appeals Court

A Kentucky hospital was found to have acted lawfully when it fired a nurse for committing a HIPAA violation, according to the Kentucky Court of Appeals. The Appeals Court held a lower court’s dismissal of the nurse’s claim...

OCR: Staff Training Key for Data Security, Avoiding Scams

Healthcare organizations should ensure they are implementing strong staff training measures to maintain data security in the wake of Hurricane Harvey, according to the August OCR Cybersecurity Newsletter. Potential scammers may try and...
