by ComplianceJunction | Sep 20, 2017 | HIPAA News
The Californian multi-specialty physician’s group, Imperial Valley Family Care Medical Group (IVFCMG), has recently been audited by the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) following a potential breach of patients’ protected...
by ComplianceJunction | Aug 7, 2017 | Cybersecurity
The Department of Homeland Security has issued an alert over vulnerabilities in Siemens medical imaging devices. The vulnerabilities could be exploited remotely and attacks would require only a low level of skill. Exploits are publicly available that could allow...
by ComplianceJunction | Aug 7, 2017 | HIPAA News
The Health Information Trust Alliance (HITRUST) is looking to improve its threat information sharing capabilities and provide more assistance to HIPAA covered entities to help them manage cyber threats more effectively. HITRUST is already providing detailed...
by ComplianceJunction | Aug 3, 2017 | HIPAA News
The U.S. Senate has passed new legislation that will allow patients’ histories of drug addiction treatment to be shared with their physicians with consent. The legislation will help to ensure physicians can make more informed decisions about treatment for patients...
by ComplianceJunction | Aug 2, 2017 | HIPAA News
Regulations governing the treatment of substance use disorder records and HIPAA are currently at odds, although new legislation has been proposed to align both sets of regulations. Representatives Tim Murphy and Earl Blumenauer have introduced a new bill – The...
by ComplianceJunction | Aug 2, 2017 | Cybersecurity
The Medical Device Cybersecurity Act introduced by Connecticut Senator Richard Blumenthal last week is intended to improve the security of medical devices by making it harder for the devices to be hacked. If the legislation is passed, medical device manufacturers will...
by ComplianceJunction | Aug 1, 2017 | HIPAA News
The Department of Health and Human Services’ Office for Civil Rights has reminded HIPAA-covered entities why security awareness training for healthcare employees is so important in its July Cybersecurity Newsletter. PHI security is not only about technological...
by ComplianceJunction | Jul 28, 2017 | HIPAA News
A Plastic Surgery Associates of South Dakota ransomware attack has potentially resulted in criminals gaining access to the protected health information (PHI) of 10,200 of its patients. Last year, OCR confirmed in its ransomware guidance that a ransomware attack is...
by ComplianceJunction | Jul 27, 2017 | Cybersecurity
KPMG has published the findings of its recent Cyber Healthcare & Life Sciences Survey. The survey was conducted on 100 individuals with responsibility for information security at healthcare providers and payers with annual revenues in excess of $500 million. The...
by ComplianceJunction | Jul 26, 2017 | HIPAA News
For the second time this month, a healthcare provider has announced that an investigation into a ransomware attack has revealed a historic data breach. Earlier this month, Peachtree Neurological Clinic discovered a 15-month data breach during an investigation into a...
by ComplianceJunction | Jul 26, 2017 | Cybersecurity
HITRUST has announced it is embarking on a new Community Extension Program to reach out to healthcare organizations to provide advice on best practices to adopt to improve cybersecurity. The new program will enable HITRUST to discuss cybersecurity issues with...
by ComplianceJunction | Jul 21, 2017 | HIPAA News
AHIMA, the American Healthcare Information Management Association, has announced it has developed a model HIPAA release form that can be used by HIPAA-covered entities to streamline the processing of requests for copies of patients’ health information. The Health...
by ComplianceJunction | Jul 18, 2017 | HIPAA News
Peachtree Neurological Clinic has uncovered a 15-month security incident during the investigation of a ransomware attack. The Atlanta, GA clinic says the incident has resulted in the exposure of 176,295 patients’ protected health information. Initially, sensitive data...
by ComplianceJunction | Jul 14, 2017 | HIPAA News
The names, admission dates and medical record numbers of 5,292 patients of University of Iowa Health Care were accessible over the Internet for around 2 years as a result of an error configuring an application development website. University of Iowa Healthcare reports...
by ComplianceJunction | Jul 14, 2017 | Cybersecurity
A recent survey conducted by risk management software vendor Netwrix has revealed only 5% of healthcare organizations are using software for risk management and security governance. Additionally, only 32% of healthcare organizations said they had a separate...
by ComplianceJunction | Jun 23, 2017 | HIPAA News
One of the largest data breaches of the year to date has been reported by Washington State University. An unencrypted hard drive containing the data of more than 1 million individuals has been stolen. The breach is likely to be costly for the University. The 2017...
by ComplianceJunction | Jun 19, 2017 | HIPAA News
The HIPAA Breach Notification Rule requires covered entities to issue breach notification letters to patients within 60 days of the discovery of a data breach. Already this year, OCR has agreed its first settlement with a HIPAA-covered entity solely for delaying the...
by ComplianceJunction | Jun 16, 2017 | Cybersecurity
The Ponemon Institute has conducted an annual benchmark study on the cost of data breaches for the last decade. Their 2016 Cost of Data Breach Study was published by the Institute earlier this week. The overall report shows the cost of breach resolution has continued...
by ComplianceJunction | Jun 13, 2017 | HIPAA News
Patient medical record access guidance has been issued by the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC). The HIPAA Privacy Rule permits patients to obtain copies of their health information from...
by ComplianceJunction | Jun 12, 2017 | HIPAA News
The healthcare industry is under attack from hackers and malicious insiders. Systems are being compromised at a greater rate than ever before. Last year saw record numbers of HIPAA breaches reported to OCR and the trend has continued in 2017. This year looks like it...
by ComplianceJunction | Jun 1, 2017 | HIPAA Advice
In May, the global WannaCry ransomware attacks resulted in more than 230,000 computers being infected and encrypted. There were also a high number of other IT security incidents reported to the Department of Health and Human Services’ Office for Civil Rights (OCR)....
by ComplianceJunction | May 19, 2017 | HIPAA News
Following the recent WannaCry ransomware attacks, the Department of Health and Human Services’ Office for Civil Rights (OCR) was particularly active. OCR sent out warnings, updates, and threat information related to WannaCry ransomware. OCR also took the attacks as an...
by ComplianceJunction | Feb 16, 2017 | Cybersecurity, HIPAA News
At the Healthcare Information and Management Systems Society’s 2017 conference-HIMSS17-OCR’s Deven McGraw released some new information on the HIPAA guidance OCR expects to release in 2017. Last year, the Joint Commission lifted the ban on the use of text messages for...
by ComplianceJunction | Feb 14, 2017 | Cybersecurity
Although the total number of healthcare data breaches reported in 2016 is an order of magnitude lower than the number seen in 2015, there was a significant increase in the number of covered entities (CEs) that reported breaches. There were 16,471,765 recorded breaches...
by ComplianceJunction | Jan 16, 2017 | HIPAA News
HIPAA settlements reached record highs in 2016. This is in part due to the Department of Health and Human Services’ Office for Civil Rights increasing its enforcement activities in recent years. In total, payments of $22,855,300 were made to OCR in 2016 to resolve...
by ComplianceJunction | Sep 30, 2016 | HIPAA Advice
The Privacy and Security Rules of the Health Insurance Portability and Accountability Act (HIPAA) place a number of requirements on healthcare organizations and other covered entities, such as stipulating allowable uses and disclosures of Protected Health Information...
by ComplianceJunction | Jul 16, 2016 | Cybersecurity
In recent years, there has been a substantial increase in the number of cyberattacks on healthcare organizations with the aim of obtaining PHI. It has proven profitable for hackers to conduct attacks on healthcare organizations and sell the data on the black...
by ComplianceJunction | Jul 14, 2015 | HIPAA News
The FCC has recently clarified it the rules regarding HIPAA and patient telephone calls, but fails to properly consider automated telephone calls. There has been some confusion reported by healthcare authorities over the rules regarding HIPAA and patient telephone...
by ComplianceJunction | May 14, 2015 | HIPAA Advice
The following article considers the use, benefits and disadvantages of e-signatures in the healthcare industry, and whether they are compliant with HIPAA rules. The increasing utilisation of digital signatures in the healthcare industry increases the efficiency of...
by ComplianceJunction | Mar 14, 2015 | HIPAA Advice
The Health Insurance Portability and Accountability Act of 1996 is one of the most important pieces of legislation in recent years in regard to the healthcare industry. In spite of its importance, many healthcare providers and insurers remain unaware of many HIPAA...
by ComplianceJunction | Nov 16, 2013 | Cybersecurity
Veriphyr Identity and Access Intelligence has recently published a report into what causes the greatest threat to exposure of Protected Health Information (PHI). The study found that the theft of mobile devices may result in the largest exposures of PHI, however, the...
Page 3 of 3« First page«...23
