The Allina Health System Minneapolis Isles clinic has notified around 6,000 patients of a breach of their Protected Health Information (PHI). The clinic, located at 2800 Hennepin Avenue, found instances of improper PHI disposal had […]
The Office for Civil Rights recently release its first financial penalty to an organization that experienced a data violation after its staff responded to a phishing campaign. The case lead to The University of Washington […]
New cybersecurity measures specifically for the healthcare industry have been added to the Omnibus bill signed into law by Congress late last week. The aim of their inclusion is to help healthcare organizations tackle the […]
TigerText, the largest supplier of secure text messaging solutions, has revealed the its latest initiative, TigerText Anywhere: A HIPAA compliant secure texting app for desktop computing. TigerText’s HIPAA compliant text message platform has already been a […]
The Department of Health & Human Services Office of Inspector General has recently published the results of information system reviews conducted on three Californian Medicaid managed-care organizations (MCOs), revealinf numerous, significant security vulnerabilities. Overall, 74 high-risk […]
Day Pitney LLP has launch of a new HIPAA Self-Assessment Tool just before of the second round of Dept. Health and Human Services’ Office for Civil Rights HIPAA-compliance audits. The law firm, with approximately 300 attorneys […]
University of Washington Medicine has agreed to settle a HIPAA fine of $750,000, for potential HIPAA violations with the Department of Health and Human Services’ Office for Civil Rights, arising from a 90,000-record data breach […]
An HIPAA fine of $15,000 has been issued by the attorney general to University of Rochester Medical Center for a breach of patient privacy that happened in March, 2015. It is not only the Office […]
The Department of Health and Human Services’ Office for Civil Rights has agreed a HIPAA violation fine of $3.5 million with Puerto Rico Blue Cross Blue Shield licensee Triple S Management Corporation. This is the […]
Following a data breach that occurred back in 2011, the HHS has revealed that Lahey Hospital and Medical Center has agreed to settle a case with the Office for Civil Rights (OCR) over alleged HIPAA […]
A legal case has been filed by the Texas attorney general’s office against Alliance Health Management & Consulting Inc., for the improper disposal of Protected Health Information (PHI) of patients. The home healthcare management company […]
This week a case against University of Cincinnati Medical Center (UCMC) was presided over by Judge Jody Luebbers in the Hamilton County Common Pleas Court in relation to the posting of Protected Health Information of […]
Following the 2012 theft of a laptop computer containing the unencrypted data of 8,883 Connecticut residents, Hartford Hospital – and one of its Business Associates, EMC Corporation (EMC) – have agreed to a settlement with the Connecticut […]
Boston US Attorney’s Office has revealed that a unit of pharmaceutical company Warner Chilcott has agreed to plead guilty to healthcare fraud, and will be required to pay $125 million to resolve civil and criminal […]
As part of Phase IV of the CAQH® CORE® Operating Rules, the CAQH® Committee on Operating Rules for Information Exchange (CORE®) recently approved new national rules for electronic HIPAA transactions. These new rules for electronic […]
The Workgroup for Electronic Data Interchange (WEDI) has developed two new resources to help groupsput in place the new ICD-10 codes required by the Health Insurance Portability and Accountability Act (HIPAA). The new resources, ICD-10 State […]
The newly appointed Deputy Director for Information Privacy at the Department of Health and Human Services’ Office for Civil Rights has been adjusting to her new role at the OCR since her appointment earlier this […]
Cancer Care Group, an Indiana-based radiation oncology private physician practice, has agreed to settle with the Department of Health and Human Services’ Office for Civil Rights for $750,000, for potential HIPAA breaches relating to a […]
Fitbit, America’s leading producer of activity and fitness trackers, announced it has developed a HIPAA compliant wellness platform which it should corner the lucrative healthcare market. The company has dabbled with health and fitness trackers […]
The VA Office of the Inspector General (OIG) has recently issued the findings of its administrative examination of into improper web-based collaboration technology by the Department of Veteran Affairs (VA). It found the agency is particularly vulnerable […]
The Federal Communication Commission (FCC) has released a Declaratory Ruling and Order to clarify the rules in relation HIPAA and patient telephone calls. Some healthcare providers have had difficulty understanding the rules regarding HIPAA and […]
This week, the Vice President and Deputy Director of the American Hospital Association (AHA) sent a correspondence to the Centers for Medicare & Medicaid Services (CMMS) revealing concern over the implementation of Health Plan Identification numbers (HPIDs) […]
Being compliant with HIPAA Privacy and Security Rules can be a challenge for all organizations, regardless of size. However, smaller healthcare providers tend to have more issues. Budgets tend to be tighter, and a lack […]
In May, The University of Rochester Medical Center experience a data violation after a member of staff took the Protected Health Information (PHI) of patients to a new employer, The employee in question, who was […]
A recent ePHI data security audit completed by the New York Office of the State Comptroller has seen Roswell Park Cancer Institute pass with no HIPAA violations identified. The healthcare provider was commended for the […]
Two employees who retained the Protected Health Information (PHI) of patients after their employment at Arkansas Children’s Hospital was terminated, did not violate the Health Insurance Portability and Accountability Act (HIPAA) according to a rulign […]
The FCC has recently clarified it the rules regarding HIPAA and patient telephone calls, but fails to properly consider automated telephone calls. There has been some confusion reported by healthcare authorities over the rules regarding […]
Electronics giant Samsung has yet to issue a fix for a a security vulnerability existing on Samsung Galaxy devices, 7 months after the company was first alerted to it. A hacking vulnerability affecting S3 to […]
Deven McGraw been appointed to the role of Deputy Director of Health Information Privacy, and must get the agency auditing, advising and enforcing as it is supposed to be. Ms McGraw will be filling the […]
A survey recently released by Healthcare Information Security Today (HIST) shows many Covered Entities (CEs) are making the same compliance errors that were uncovered during the initial phase of audits. It has been three years […]
Microsoft has revealed it will be stopping ceasing patches and software updates for Windows Server 2003 on July 15, 2015. Any HIPAA-covered body that is still running the defunct software on any of its servers […]
A lack of a appropriate workforce with appropriate skills to improve cybersecurity defenses is leading many CISOs and CIOs to look outside their organizations for assistance. Businesses and healthcare suppliers are now increasingly hiring third […]
A former business owned by Crown Point Medical Tests has breached the Health Insurance Portability and Accountability Act (HIPAA) after it did not securely dispose of files containing the Protected Health Information (PHI) of at […]
Cybercriminals are stealing healthcare IT devices to gain access to Protected Health Information (PHI) so they can can make false insurance claims, apply for credit, and obtain medical prescriptions and services. This is one of […]
North Dakota and Nevada have updated their breach notification laws this year, joining the growing list of states to do so. In May 2017, new laws were passed to tighten up the legislation and expand […]
The Department of Health and Human Services’ Office for Civil Rights has confirmed – to Fierce Health IT – that its preliminary HIPAA surveys have now been issued, marking the start of the 2015 HIPAA […]
A Business Associate (BA) of the University of Pittsburgh Medical Center has issued a notification to the healthcare center, and many other clients, of a HIPAA breach caused by a member of staff. The now […]
The following article considers the use, benefits and disadvantages of e-signatures in the healthcare industry, and whether they are compliant with HIPAA rules. The increasing utilisation of digital signatures in the healthcare industry increases the […]
The Security Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) reqiores that all covered bodies put in place the appropriate administrative, physical and technical safeguards to keep PHI secure. Failure to […]
Calculating the cost of a HIPAA data violation is not a simple process, at least not until a number of years after a data breach happened. Corrective actions must be taken following a data breach, […]
According to HIPAA Rules, healthcare providers and other covered entities (CEs) are allowed to use the Protected Health Information (PHI) of patients – and share this data with others – provided that this data has […]
Protected Health Information (PHI) is kept secure under Health Insurance Portability and Accountability Act Rules, which requires adherence from covered entities (CEs) to put in place a number of controls to ensure that healthcare data […]
The second round of HIPAA compliance audits have yet to commence, the last round was in 2012, but they are supposedly returning and will be bigger and bolder than before. The Department of Health and […]
Microsoft Office 365 cloud services for the healthcare industry has been awarded the highest possible HITRUST CSF rating – achieving a maximum score of five – in a certification review of its security and privacy […]
Law firm, Day Pitney LLP, has released a warning to healthcare workers to be careful when disclosing Protected Health Information, even when asked to supply medical records to attorneys under subpoena. A Connecticut Supreme Court ruling in November […]
The last month has seen one HIPAA data breach affecting 150,000 individuals and another where affecting 11 million individuals. Both incidents have were experienced this month, with the most recent large data breach affecting almost three times the […]
An Illinois house committee will be meeting soon to debate the privacy issues raised by the installation of web based video cameras in nursing home residents’ bedrooms and how HIPAA Rules and the Wiretap Act […]
The Health Insurance Portability and Accountability Act of 1996 is one of the most important pieces of legislation in recent years in regard to the healthcare industry. In spite of its importance, many healthcare providers […]
Government department heads and industry leaders will be attending the 23rd National HIPAA Summit to give updates on the work that has been completed in the last year and to provide information on new legislation […]
The Medical College of Wisconsin has release a statement revealing that a data breach suffered has affected approximately 400 of its patients. WDJT Milwaukee, an affiliate of CBS, was contacted on Feb 28, 2015 by […]
The Aventura HIPAA breach, discovered in June 2014, has lead to a lawsuit being filed by a patient of the hospital, according to a Courthouse News Service report. The lawsuit was taken by Aventura patient, Kellie Lynn Case, […]
Recent progress in technology have allowed wearable devices to be developed to monitor health and fitness, and while these gadgets, monitors and sensors can significantly improve healthcare, they also carry a great danger of HIPAA […]
Late last week the Senate Health, Education, Labor and Pensions committee revealed thathealthcare IT security is to be addressed and that it will “take up the matter as part of a bipartisan review of health […]
The deadline for making security breaches, affecting less than 500 people, from 2014 known is coming in the next three weeks. Any healthcare supplier or other covered entity that has not filed all 2014 breach […]
The HHS has reacted to a letter sent by Representative Peter DeFazio (D-OR) asking for greater transparency on HIPAA Rules relating to the mobile health industry, and has confirmed that the OCR will be working […]
The App Association (ACT) – an advocacy and educational group set up to represent mobile app developers – recently wrote to the Office for Civil Rights seeking clarification on HIPAA privacy rules, and how […]
The Health IT Policy Committee’s Privacy and Security Workgroup has been reviewing a number of Big Data issues affecting the privacy and security of patients after two public hearings conducted by the organization in December […]
After the success of its HIPAA Enterprise Platform, Caspio has revealed it will now be offering HIPAA Compliant Professional Services for App Development, Caspio, a major cloud platform provider, offers its platform-as-a-service to businesses and […]
January 1 normally sees many announcements from hospitals around the country advising the public of the first babies to be born in the New Year; however 2015 has seen less hospitals opting to make the […]
Copyright © 2023 ComplianceJunction