HIPAA Advice

HIPAA and Patient Telephone Calls

The Federal Communications Commission has released a Declaratory Ruling and Order to state the rules in relation to HIPAA and patient telephone calls. Some healthcare suppliers have had difficulty understanding the rules in relation to […]

HIPAA Updates

44,600 Patients Affected by Ransomware Attack at Golden Heart Administrative Professionals

Golden Heart Administrative Professionals, a Fairbanks, AK-based billing company, is alerting 44,600 people that some of their protected health information has potentially been obtained by unauthorized people due to a recent ransomware attack. The ransomware was […]

HIPAA Advice

Microsoft Outlook and HIPAA Compliance

Software or an email application platform can never be completely HIPAA compliant, as compliance is dependent on how the software is being used rather than the software itself. However, software and email services can make […]

HIPAA Updates

Potential Theft of 4,500 Patients’ PHI by Former Arkansas Children’s Hospital Employee Being Reviewed

A former staff member of Arkansas Children’s Hospital is being investigated by law authorities in relation to the theft and misuse of patients’ protected health information. The breach notice submitted to the Department of Health […]

HIPAA Advice

HIPAA Certification Explained

Many suppliers would like HIPAA certification to confirm they are fully compliant with HIPAA Rules and are knowledgeable about all parts of the Health Insurance Portability and Accountability Act (HIPAA), but can HIPAA certification be […]

GDPR News

First GDPR Ruling Issued in German Courts

Last Monday (July 9) a German court, in the first decision applying the General Data Protection Regulation (GDPR), ruled that data collection that exceeds what is necessary to achieve legitimate business purposes breaches one of the basic […]

HIPAA Updates

Humana Reports Cyber Spoofing Attack

Humana is contacting members across the US to notify them that their PHI may have been accessed during a ‘sophisticated’ spoofing campaign. A spoofing attack refers to a concerted effort by a threat actor […]

HIPAA Advice

Penalties for Nurses Who Violate HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules must be adhered to by all covered bodies and their business associates. If it is found that they do not comply […]

HIPAA Advice

How to Comply with HIPAA Password Requirements

HIPAA password requirements state that processes must be implemented for setting up, amending, and securing passwords unless an alternative, equally-effective security measure is adopted. We feel that the best way to comply with the HIPAA […]

GDPR Advice

How to Make Your Website GDPR Compliant

On May 25 this year the General Data Protection Regulation (GDPR) legislation became enforceable in the European Union (EU). GDPR is aimed at protecting the personal data of every EU employee, every EU client, and […]

HIPAA Advice

HIPAA Retention Requirements Explained

The small distinction between HIPAA medical records retention and HIPAA record retention can lead to some confusion when discussing HIPAA retention requirements. This article seeks to explain what records need to be retained under HIPAA, […]

HIPAA Updates

HealthEquity Phishing Attack Exposes PHI

HealthEquity Inc. has been hit by a phishing attack leading to the exposure of members’ protected health information. The data breach was restricted to one email account, although a review of the messages in the […]

GDPR Advice

GDPR Marketing Checklist

Since the General Data Protection Regulation (GDPR) became live on May 25 this year in the European Union (EU), those involved in marketing, online and otherwise, have had to make some serious changes to the […]

GDPR Advice

What is a GDPR Recital?

The General Data Protection Regulation (GDPR) became enforceable at the end of last month in all European Union Member States. Many areas of confusion surround this complex legislation, chief among them the area of […]

HIPAA Advice

HIPAA and its Purpose

HIPAA (The Health Insurance Portability and Accountability Act) is a vital legislative Act that impacts the U.S. healthcare sector, but what is the purpose of HIPAA? Healthcare workers often complain about the limitations imposed by […]

GDPR Advice

Who Does GDPR Apply to?

The General Data Protection Regulation (GDPR) became enforceable on May 25 and there is still a lot of confusion surrounding this legislation. If you are not living in a European Union (EU) country, you may […]

Compliance Vendor News

Egnyte Launches One-Click GDPR Compliance Tool

Startup software vendor Egnyte is launching a one-click compliance solution for the GDPR. This tool aims to reduce the amount of time that companies need to spend on GDPR compliance. Using machine learning features, this […]

GDPR Advice

How US Citizens get Protection from GDPR

The General Data Protection Regulation came into effect this week in all European Union Member States. The focus of this new legislation is to protect the rights of all European Union citizens. While […]

GDPR News

GDPR hits Johnston Press Group Revenues

The introduction of the General Data Protection Regulation has been blamed for a 9% drop in the revenues of the Johnston Press Media Group. Johnston Press operates approximately 200 newspapers and websites across the United […]

HIPAA Advice

Responsibilities of a HIPAA Compliance Officer

The Health Insurance Portability and Accountability Act states that an individual(s) within a Covered Entity or Business Associate must be assigned the duties of HIPAA Compliance Officer. The individual filling this role can be […]

GDPR News

Ghostery GDPR Email Breaches GDPR Rules

Ghostery, a privacy and security-related browser extension and mobile browser application, breached the newly introduced European Union GDPR Data Privacy legislation with the email it distributed to its users to advise them of changes in Data […]

GDPR Advice

Guide to GDPR Penalties

The General Data Protection Regulation (GDPR) is now enforceable in all European Union (EU) states. All businesses, not just those in EU Member States, are affected by it if they employ, hire, trade with, or […]

GDPR Advice

How to Report a GDPR Breach

The General Data Protection Regulation has just kicked in across all European Union (EU) Member States. Due to this, if your business or organization employs, trades with, buys or sells to or from an individual […]

GDPR News

New GDPR Compliance Tools Introduced by Facebook

Social Media giant Facebook has launched two new features to help businesses better protect people’s privacy and respond to privacy requests following the introduction of the new European Union GDPR legislation last week. The two […]

GDPR Advice

GDPR Subject Access Request Procedures

At the end of May, the General Data Protection Regulation becomes law across all European Union Member States. This legislation aims to provide greater protection of the data of all EU citizens wherever they reside. […]

Cybersecurity

Healthcare Organizations Slow to Adopt DMARC

By implementing the Domain-based Message Authentication, Reporting and Conformance (DMARC) Standard, healthcare organizations can identify and restrict email spoofing and abuse of their domains; however, relatively few healthcare groups are using DMARC for spam filtering, […]

HIPAA Updates

Release Form for HIPAA

A completed and signed HIPAA release form must be obtained from an individual before their protected health information can be distributed to other people or groups, except in the case of routine disclosures for treatment, […]

GDPR Advice

GDPR Rules for Hotels

The newly-introduced European Union General Data Protection Regulation has far-reaching effects on businesses and organizations that deal with, or employ, European Union citizens anywhere in the world. One of the main business sectors affected by […]

HIPAA Updates

Minnesota Ransomware Attack Impacts Over 6,500 Patients

Associates in Psychiatry and Psychology (APP), a Rochester, Minnesota-based health organization, has suffered a ransomware attack that targeted several computers that stored patients’ protected health data. The ransomware attack was identified on March 31, 2018. […]

GDPR Advice

What are GDPR Data Subject Rights?

Under the General Data Protection Regulation (GDPR) legislation, which becomes effective tomorrow, Friday May 25, individuals who are European Union (EU) citizens have eight fundamental rights. Many EU citizens, and companies that have collected their personal […]

GDPR News

Microsoft to Apply EU GDPR Rights Globally

With the May 25 introduction date for the European Union’s General Data Protection Regulation looming, computing giant Microsoft has announced that it will be extending the core privacy rights of the new EU legislation on […]

GDPR News

ISME Chief Executive says SMEs Require Help on GDPR

Chief Executive of ISME, Neil McDonnell, has pleaded with data-protection bodies to be “instructive, rather than punitive”, towards SMEs (small and medium enterprises), with the May 25 introduction date for the European Union’s General Data […]

GDPR Advice

Data Retention Policies under GDPR

As of this Friday, May 25, the General Data Protection Regulation comes into effect in all European Union (EU) states. Many countries that are not members of the EU remained unconcerned about the requirements of […]