CCPA and Businesses

Impact of CCPA on Business: The Californian Governor Jerry Brown signed the Californian Consumer Privacy Act (CCPA) into law in June 2018. The CCPA has revolutionised the data privacy rights of Californian residents. CCPA offers new rights to consumers over their data...
Email Providers that are HIPAA Compliant

HIPAA-covered organizations must take every possible precaution to ensure protected health information (PHI) sent and received by email is safeguarded both at rest and in transit in order to prevent unauthorized access to patient data. Many organizations opt to use...
Who Polices HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) brought in many new regulations for healthcare groups, but who polices HIPAA? Which federal departments are charged with making sure HIPAA Rules are adhered to by covered bodies and their business...
Can Zoho be Deemed HIPAA Compliant?

Many healthcare groups have considered the Zoho Office Suite as an alternative software package to organize workflows, but can Zoho be deemed HIPAA compliant? Zoho: What is it? Based in Pleasanton, CA, Zoho is a developer of cloud applications and web-based utilities...
The Significance of HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a landmark piece of data protection legislation in the USA. What is it that makes HIPAA so significant? What reform did HIPAA bring in and what are the benefits to the healthcare sector and patients?...
HIPAA Compliance and Microsoft Azure

Does Azure comply with HIPAA? Can Microsoft’s cloud services be implemented by HIPAA covered bodies without breaching HIPAA Rules? Many healthcare groups are considering shifting some of their services to the cloud, and a large number already have. The cloud provides...
HIPAA and Patient Telephone Calls

The Federal Communications Commission has released a Declaratory Ruling and Order to clarify TCPA rules in relation to HIPAA and patient telephone calls. Some healthcare suppliers have had difficulty understanding TCPA rules in relation to HIPAA and patient telephone...
Microsoft Outlook and HIPAA Compliance

Software or an email application platform can never be completely HIPAA compliant, as compliance is dependent on how the software is being used rather than the software itself. However, software and email services can make it easier to comply with HIPAA. For this to...
Humana Reports Cyber Spoofing Attack

Humana is contacting members across the US to notify them that their PHI may have been accessed during a ‘sophisticated’ spoofing campaign. A spoofing attack refers to a concerted effort by a threat actor or bot to gain access to a system or data using illegally...
HIPAA Retention Requirements Explained

The small distinction between HIPAA medical records retention and HIPAA record retention can lead to some confusion when discussing HIPAA retention requirements. This article seeks to explain what records need to be retained under HIPAA, and what other retention...
HealthEquity Phishing Attack Exposes PHI

HealthEquity Inc. has been hit by a phishing attack leading to the exposure of members’ protected health information. The data breach was restricted to one email account, although a review of the messages in the account showed a range of PHI was potentially stolen by...
HIPAA and its Purpose

HIPAA (The Health Insurance Portability and Accountability Act) is a vital legislative Act that impacts the U.S. healthcare sector, but what is the purpose of HIPAA? Healthcare workers often complain about the limitations imposed by HIPAA – Are the advantages of the...
Responsibilities of a HIPAA Compliance Officer

The Healthcare Insurance Portability and Accountability Act states that an individual(s) within a Covered Entity or Business Associate must be assigned the duties of HIPAA Compliance Officer. The individual filling this role can be an existing employee or a new...
Dignity Health Report Multiple Data Breaches

A number of different data breaches and violations of HIPAA Rules have been discovered by Dignity Health in the past few weeks. One incident involved a staff member accessing the PHI of patients without official permission, a mistake occurred that allowed a business...
Release Form for HIPAA

If your organization is governed by some (Business Associates) or all (Covered Entities) of the Privacy Rule, it is necessary to obtain a valid release form for HIPAA compliance before Protected Health Information (PHI) is used or disclosed for a purpose not required...