The names, admission dates and medical record numbers of 5,292 patients of University of Iowa Health Care were accessible over the Internet for around 2 years as a result of an error configuring an application […]
A recent survey conducted by risk management software vendor Netwrix has revealed only 5% of healthcare organizations are using software for risk management and security governance. Additionally, only 32% of healthcare organizations said they had […]
One of the largest data breaches of the year to date has been reported by Washington State University. An unencrypted hard drive containing the data of more than 1 million individuals has been stolen. The […]
The HIPAA Breach Notification Rule requires covered entities to issue breach notification letters to patients within 60 days of the discovery of a data breach. Already this year, OCR has agreed its first settlement with […]
The Ponemon Institute has conducted an annual benchmark study on the cost of data breaches for the last decade. Their 2016 Cost of Data Breach Study was published by the Institute earlier this week. The […]
Patient medical record access guidance has been issued by the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC). The HIPAA Privacy Rule permits patients to obtain copies […]
The healthcare industry is under attack from hackers and malicious insiders. Systems are being compromised at a greater rate than ever before. Last year saw record numbers of HIPAA breaches reported to OCR and the […]
In May, the global WannaCry ransomware attacks resulted in more than 230,000 computers being infected and encrypted. There were also a high number of other IT security incidents reported to the Department of Health and […]
Following the recent WannaCry ransomware attacks, the Department of Health and Human Services’ Office for Civil Rights (OCR) was particularly active. OCR sent out warnings, updates, and threat information related to WannaCry ransomware. OCR also […]
At the Healthcare Information and Management Systems Society’s 2017 conference-HIMSS17-OCR’s Deven McGraw released some new information on the HIPAA guidance OCR expects to release in 2017. Last year, the Joint Commission lifted the ban on […]
Although the total number of healthcare data breaches reported in 2016 is an order of magnitude lower than the number seen in 2015, there was a significant increase in the number of covered entities (CEs) […]
HIPAA settlements reached record highs in 2016. This is in part due to the Department of Health and Human Services’ Office for Civil Rights increasing its enforcement activities in recent years. In total, payments of […]
The Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA) place a number of requirements on healthcare organizations and other covered entities, such as stipulating allowable uses and disclosures of Protected […]
In recent years, there has been a substantial increase in the number of cyberattacks on healthcare organizations with the aim of obtaining PHI. It has proven profitable for hackers to conduct attacks on healthcare organizations […]
The FCC has recently clarified it the rules regarding HIPAA and patient telephone calls, but fails to properly consider automated telephone calls. There has been some confusion reported by healthcare authorities over the rules regarding […]
The following article considers the use, benefits and disadvantages of e-signatures in the healthcare industry, and whether they are compliant with HIPAA rules. The increasing utilisation of digital signatures in the healthcare industry increases the […]
The Health Insurance Portability and Accountability Act of 1996 is one of the most important pieces of legislation in recent years in regard to the healthcare industry. In spite of its importance, many healthcare providers […]
Veriphyr Identity and Access Intelligence has recently published a report into what causes the greatest threat to exposure of Protected Health Information (PHI). The study found that the theft of mobile devices may result in […]
Copyright © 2023 ComplianceJunction