The passing of the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009 updated HIPAA, and as such it obliged the Department of Health & Human Services’ Office for Civil Rights (OCR) to complete a program of compliance audits to make...
The theft of a portable hard drive from a staff member of the Alaska Department of Health and Social Services (DHSS) possibly exposed the ePHI of almost 2,000 people. Following a review by the HHS Office for Civil Rights (OCR), a settlement has been agreed and the...
An official announcement has been released by the Office of the Massachusetts Attorney General that a settlement has now been agreed with South Shore Hospital. The healthcare supplier will have to pay a fine of $750,000 for violations of the state Consumer Protection...
Boston Children’s Hospital has released a press statement revealing a laptop issued to one of its staff member has been lost at a conference in Buenos Aires; possibly exposing the protected health records of 2,159 of its patients. The laptop had basic security...
Before publishing Protected Health Information on any public website it is vital that the medium is reviewed for security risks. If a website is owned or controlled by a third party or a cloud service is supplied, a signed business associate agreement must also be...