The Department of Health and Human Services’ Office for Civil Rights has released new information in relation to the Health Insurance Portability and Accountability Act…
60,545 subscribers to Tufts Health Plan have had their protected health information infiltrated as result of a phishing attack on the vision benefits management firm…
Dental Care Alliance, LLC, a dental support group with over 320 affiliated dental practices spread across 20 states, has been hacked and the protected health…
Hackers using Ragnar Locker ransomware have increased up their activity and have been focusing on companies and groups in a number of different sectors, according…
The HHS’ Civil Rights Office has publicly acknowledged its 18th HIPAA financial penalty of the year, with the 12th fine under its HIPAA Right of…
An update on ransomware activity targeting the healthcare and public health sectors has been released by the HHS’ Office of the Assistant Secretary for Preparedness…
An additional two hospitals have been impacted by ransomware attacks that have resulted in their computer networks being offline and medics having to use pen…
Universal Health Services has revealed the every one of its 250 United States based hospitals are 100% back in action following a suspected ransomware attack….
PrairieVille is a Magnolia Pediatrics based in LA and is now notifying 12,861 of its patients that a ransomware attack has potentially compromised some of…
A new version of the Security Risk Assessment (SRA) Tool has been released by the Department of Health and Human Services’ Office for Civil Rights….
Bronx, New York based Montefiore Medical Center has dismissed a member of staff in relation to the alleged theft of the protected health information of…
The update to the Security Risk Assessment (SRA) Tool of the Department of Health and Human Services’ Office for Civil Rights (OCR) has been updated…
The discovery of a security flaw IoT device components could allow cybercriminals to illegally obtain valuable private data or use the devices in further cyberattacks….
At the time that the HITECH ACT was passed, 2009, it was referred to as “the most important piece of healthcare legislation to be passed…
Long Island City, NY-located Boyce Technologies Inc, which produces transport communication systems and recently changed its production facilities to provide ventilators for hospitals during the…
In Washington, the House of Representatives has voted to remove the ban on the Department of Health and Human Services using federal funds to create…
The HHS’ Office for Civil Rights has sanctioned a $1,040,000 HIPAA fine on Lifespan Health System Affiliated Covered Entity (Lifespan ACE) following the discovery of…
The HHS’ Office for Civil Rights (OCR) has revealed that a $25,000 settlement has been agreed with Metropolitan Community Health Services to settle breaches of…
What are the civil penalties for knowingly breaching HIPAA laws? What is the highest possible financial penalty for a HIPAA violation and when are fines…
The HHS’ Office for Civil Rights (OCR) has revealed that a $25,000 settlement has been agreed with Metropolitan Community Health Services to settle breaches of…
The Senate Health, Education, Labor, and Pensions (HELP) Committee is pondering which of the 31 recent amendments to telehealth policies should remain in place when…
When patients suffer from an infectious respiratory disease like COVID-19, the immune system creates antibodies that put in place protection if the pathogen is another…
The HIPAA regulations for SMS do not specifically rule out the implementation of a “Short Message Service” to share Protected Health Information (PHI), but they…
Healthcare provider Aveanna Healthcare is facing a potential class action lawsuit in relation to a data breach that took place during 2019 which impacted 166,000…
The Healthcare Insurance Portability and Accountability Act states that a person (or persons) within a Covered Entity or Business Associate must be given the duties…
In separate incident employees based in Michigan and Illinois have been fired from their positions due to their involvement in HIPAA violations. At Ann &…
Management and Network Services (MNS), LLC, a Dublin, OH-located supplier of administrative support services to post-acute healthcare providers, has revealed that the email accounts of…
The Fortune 500 company Magellan Health has announced it experienced a ransomware attack in April that resulted in the encryption of files and theft of…
What are the HIPAA Training Requirements? As HIPAA applies to many different sorts of Covered Entity (CE) and Business Associate (BA), the HIPAA training requirements…
The protected health information of more than 10,000 patients has been impacted in a phishing attack no the Onamia, MN-based Mille Lacs Health System Phishing…
HIPAA states that covered entities must conduct training for staff to ensure HIPAA Rules and regulations are fully comprehended. As part of this HIPAA training,…
The most recent Patient Record Scorecard Report from Ciitizen has shown that there has been a welcome improvement in compliance with the HIPAA Right of…
Compliancy Group has revealed that Safe Partner Inc. has been able to show the establishment of a strong HIPAA compliance program and has successfully completed…
Connecticut -based Saint Francis Healthcare Partners is contacting 38,529 patients to make them aware that some of their protected health information may have been obtained…
A HIPAA business associate agreement (BAA) is contract between a HIPAA-covered entity and a vendor that is providing a service to that covered entity. They…
The HHS’ Office for Civil Rights (OCR) has released guidance to healthcare providers to reinforce the point that the HIPAA Privacy Rule forbids media and…
Breaches of HIPAA often occur due to a lack of comprehension of HIPAA requirements, particularly in relation to healthcare workers breaching the data privacy legislation….
A completed HIPAA release form must be handed over by a patient before their protected health information can be disclosed to other individuals or groups,…
On February Patch Tuesday, 2020, Microsoft made available a patch for a critical flaw the impacts Microsoft Exchange Servers which could possibly be targeted by…
The Sparks, NV orthodontics practice, Andrews Braces suffered a ransomware attack on February 14, leading to the encryption of patient data. A resulting investigation determining…
Stockdale Radiology in California has revealed that patient data has been impacted due to a ransomware attack thsat occurred on January 17, 2020. An internal…
Washington University School of Medicine making 14,795 oncology patients aware that some of their PHI may have been impacted in a phishing attacking during January…
The McHenry County Health Department in Illinois has been refusing to hand over the names of COVID-19 patients to 911 dispatchers to safeguard the privacy…
The HHS has released a Notice of Enforcement Discretion covering healthcare suppliers and business associates that participate in the operation of COVID-19 community-based testing centers….
“HIPAA Certification” is not an officially-recognized qualification to indicate that a Covered Entity or Business Associate is HIPAA compliant. It is just a certificate indicating…
The Georgia Department of Human Services has revealed that employees in Augusta, GA improperly shared of confidential case files that geld the healthcare records of…
This article looks into the 10 of the most common HIPAA violations. It should be remember that, in a lot of instances, investigations have found…
The Department of Health and Human Services announced, n April 2, 2020, that it will from here on be exercising enforcement discretion and will not…
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has released additional guidance on HIPAA and COVID-19, the disease caused by…
After the initial announcement from the HHS’ Office for Civil Rights that enforcement of HIPAA compliance in relation to the good faith provision of telehealth…
During February there were 39 healthcare data breaches of 500 or more records reported and 1,531,855 records were breached, which is the same as a…
Stephan C Dean, the co-owner of the California record storage company Surefile, reported a hacking/IT incident to the HHS’ Office for Civil Rights (OCR) on…
Recent reports have indicated that the World Health Organization has been impacted by a spate of cyber attacks where web pages have been established to…
On August 21, 1996 then US President Bill Clinton added his signature to the Health Insurance Portability and Accountability Act and HIPAA was passed into…
The Minnesota-based senior care treatment LifeSprk is making contact 9,000 of its clients that some of their protected health information was possibly breach due to…
It has been identified that an employee of Hawaii Pacific Health at Straub Medical Center in Honolulu has been snooping on the medical records of…
The best practices for cyber threat information sharing has been published by the Healthcare and Public Health Sector Coordinating Council (HSCC). This new information is…
The HHS has put together a Request for Information (RFI) to identify how HIPAA Rules are hindering patient information sharing and creating boundaries for healthcare…
The Department of Health and Human Services’ Office for Civil Rights (OCR) has made public the first HIPAA penalty of 2020. The medical practice of…
The evolution of technology has made it easier and easier for professionals within the healthcare sector. However, in tandem with this growth so has grown…
Healthcare data breaches of 500 or more records were reported to the Department of Health and Human Services’ Office for Civil Rights at a rate…
NRC Health, a supplier of patient survey services and software to over 9,000 healthcare group, including 75% of the biggest hospital networks in the United…
The term PHI a reference that normally refers to healthcare data, but what does PHI refer to, and what data is the subject of the…
A Department of Health and Human Services’ Office of Inspector General (OIG) audit has found that a number of pharmacies and other healthcare providers are…
The HIPAA Breach Notification Rule States that data breaches of 500 or greater records to be made known to the Secretary of the Department of…
Unauthorized individuals have been gaining access to access emails and email attachments containing the protected health information of 16,167 patients within the Hospital Sisters Health…
Oregon’s Medicaid coordinated-care group, Health Share of Oregon, is getting in touch with around 654,000 current and former subscribers to make them aware that a…
The Department of Health and Human Services has released a final rule amending the HIPAA National Council for Prescription Drug Programs (NCPDP) D.0 Telecommunication Standard…
A limited data set under HIPAA is a group of identifiable healthcare data that the HIPAA Privacy Rule permits covered groups to share with certain…
The term “HIPAA Covered Entity” was not actually included in the initial Healthcare Insurance Portability and Accountability Act when it was originally formulated in August…
Asking the question “Does HIPAA Apply to Employers” leads to a number of different answers as a result of the complicated nature of the HIPAA…
Security experts at TechCrunch have discovered a security flaw in a website hosting an internal customer relationship management system deployed the clinical laboratory network LabCorp….
The HITECH Act – or Health Information Technology for Economic and Clinical Health Act – makes up part of an economic stimulus package that was…
Health Quest, which now forms part of Nuvance Health, has become aware the phishing attack it experienced in July 2018 was more wide reaching than…
The Dutch Data Protection Authority (DDPA) has recorded the highest number of General Data Protection Regulation (GDPR) breach notifications according to a report published by…
There were an increase of 8.57%, from the previous month, of healthcare data breaches reported during December. 38 breaches of 500 or greater records were…
Adventist Health Sonora in California has found out that an unauthorized person has obtained access to the email account of a hospital associate and may…
If you wish to use Gmail in a HIPAA fashion then you must ensure that the email platform is 100% secure and adheres to the…
On January 1, 2020, the California Consumer Protection Act (CCPA) came became enforceable. CCPA enhanced privacy security for state residents and gave Californians new rights …
Most group health plan sponsors are not fully adhering to the Health Insurance Portability and Accountability Act Rules, according to a recently published by the…
HIPAA carries a big impact for healthcare providers, health plans, healthcare clearinghouses, and business associates of those HIPAA-governed bodies entities but how does HIPAA impact…
Native American Rehabilitation Association of the Northwest, Inc., (NARA) a Portland, OR-based supplier of education, physical and mental health services and substance abuse treatment services…
50,000 patients of Alexandria, MN-based Alomere Health are being contacted to advise them that a portion of their protected health information was potentially accessed by…
If Gmail is to be deemed HIPAA compliant, Google would have to see to it that the service provided is 100% secure and adheres with…
Within the healthcare sector there has been a massive shift in the last 10-15 years towards sharing Private health Information digitally to many different clients…
If HIPAA rules are breached on purpose or by accident the financial implications can be massive. Even if a breach is discovered but you do…
Google and its parent company Alphabet are being targeting to release details regarding how the protected health information (PHI) of patients of Ascension will be…
The Department of Education and the Office for Civil Rights has released updated guidelines which aims to set in stone when students’ health information can…
Truman Medical Centers, the biggest provider of inpatient and outpatient services in Kansas City, MO, has found out that the protected health information of 114,466…
The Centers for Medicare and Medicaid Services (CMS) has found that a vulnerability in its Blue Button 2.0 API that allowed access to the…
The email accounts of several staff members of Conway Medical Center in South Carolina have been obtained by unauthorized persons. The phishing attack was first…
Hackensack Meridian Health, the biggest health network in New Jersey, has revealed it was targeted in a cyberattack recently which resulted in ransomware being deployed…
Facebook may be considered a useful platform for connected people and corresponding. However, could it be used by healthcare organizations as the messaging service for…
The Department of Health and Human Services’ Office for Civil Rights has revealed its second enforcement penalty has been applied under its HIPAA Right of…
Ransomware attacks are often conducted indiscriminately, with the file-encrypting software commonly distributed in mass spam email campaigns. However, since 2017, ransomware attacks have become far…
A HIPAA breach refers to the capture, viewing, use or sharing of Private Health Information in a manner not adhering with the HIPAA ACT ,…
The question ‘is Google Forms HIPAA compliant and suitable for use by healthcare organizations?’ is extremely important as this is a very popular survey administration…
In most instances, emergency notification systems for business would not be implemented in order to share Protected Health Information (PHI); but if there was an…
