HIPAA Updates

25,148 Patients Impacted in Ransomware Attack on the Southeastern Council on Alcoholism and Drug Dependence

A ransomware attack has resulted in widespread file encryption at the Southeastern Council on Alcoholism and Drug Dependence (SCADD) in Lebanon, CT. The attack was discovered on February 18, 2019 when problems started to be […]

CCPA News

50% of US Organizations Not Prepared for CCPA

According to a report released by the International Association of Privacy Professionals (IAPP) and OneTrust, prior to the California Consumer Privacy Act (CCPA) becoming enforceable on  January 1, 2020, nearly 50% of all companies will […]

GDPR Advice

GDPR and Data Minimization

Data minimization is one of the chief principles of the European Union’s General Data Protection Regulation (GDPR) which states that data processing should only use as much data as is required to complete as assigned […]

DEFAULT CATEGORY - DO NOT USE

Social Media Rules for HIPAA Compliance

HIPAA was enacted several years prior to social media networks such as Facebook being established, so there are no dedicated HIPAA social media rules; however, there are HIPAA laws and standards that apply to social […]

DEFAULT CATEGORY - DO NOT USE

Six Recommendations on Privacy Policies Released by Dutch DPA Following Investigation

Autoriteit Persoonsgegevens, the Dutch Data Protection Authority (DPA),  has published six recommendations for companies operating in the Netherlands. The agency says that these guidelines should be considered when drafting privacy policies. The Dutch DPA recommends […]

Cybersecurity

Healthcare Associations ask for Leniency for Breached Entities that Implement Cybersecurity Best Practices

Several healthcare groups have asked for leniency to be shown for healthcare organizations that would mean avoiding financial penalties for breaches of protected health information if the breached entity that has implemented certain standards for […]

HIPAA Advice

How to Manage Your HIPAA Password Requirements

HIPAA password requirements state that procedures must be implemented for creating, changing and securing passwords unless a different, equally-effective security measure is chosen. The password requirements under HIPAA are available the Administrative Safeguards of the […]

CCPA News

Are you ready for CCPA?

The California Consumer Protection Act (CCPA) is due to become enforceable on January 1, 2020. Corporations, government agencies and other groups will be using 2019 to prepare for the new legislation. The proposed legislation allows […]

HIPAA Advice

Email Providers that are HIPAA Compliant

HIPAA-covered organizations must take every possible precaution to ensure protected health information (PHI) sent and received by email is safeguarded both at rest and in transit in order to prevent unauthorized access to patient data. […]

HIPAA Updates

Several Employees of Claxton-Hepburn Medical Center Sacked due to Inappropriate PHI Access

A not-for-profit 115-bed community hospital in Ogdensburg, NY, Claxton-Hepburn Medical Center has sacked several employees for accessing patient health records without official permission.The PHI breaches were identified during an internal review. It is not yet obvious […]

Cybersecurity

Uber Settles Data Breach by Paying $148m

Uber, the peer-to-peer ridesharing, taxi cab, food delivery, bicycle-sharing and transportation network company has settled a fine in relation to a 2016 cyber-attack that exposed data from 57 million customers and drivers for $148m. The payment […]

HIPAA Advice

Who Polices HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) brought in many new regulations for healthcare groups, but who polices HIPAA? Which federal departments are charged with making sure HIPAA Rules are adhered to by covered […]

HIPAA Advice

Can Zoho be Deemed HIPAA Compliant?

Many healthcare groups have considered the Zoho Office Suite as an alternative software package to organize workflows, but can Zoho be deemed HIPAA compliant? Zoho: What is it? Based in Pleasanton, CA Zoho is developer of […]

HIPAA Advice

Release Form for HIPAA

A completed HIPAA release form must be received from a patient prior to their protected health information being shared with other individuals or groups, except in the case of standard disclosures for treatment, payment or […]

DEFAULT CATEGORY - DO NOT USE

The Signifigance of HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) is a landmark piece of data protection legislation in the USA. What is it that makes HIPAA so significant? What reform did HIPAA bring in and what […]

HIPAA Advice

HIPAA Compliance and Microsoft Azure

Does Azure comply with HIPAA? Can Microsoft’s cloud services be implemented by HIPAA covered bodies without breaching HIPAA Rules? Many healthcare groups are considering shifting some of their services to the cloud, and a large […]

HIPAA Advice

HIPAA and Patient Telephone Calls

The Federal Communication Commission has released a Declaratory Ruling and Order to state the rules in relation to HIPAA and patient telephone calls. Some healthcare suppliers have had difficulty understanding the rules in relation to […]

HIPAA Updates

44,600 Patients Affected by Ransomware Attack at Golden Heart Administrative Professionals

AK-based billing company, Golden Heart Administrative Professionals, a Fairbanks is alerting 44,600 people that some of their protected health information has potentially been obtained by unauthorized people due a recent ransomware attack. The ransomware was […]

HIPAA Advice

Microsoft Outlook and HIPAA Compliance

Software or an email application platform can never be completely HIPAA compliant, as compliance is dependent on how the software is being used rather than the software itself. However, software and email services can make […]

HIPAA Updates

Potential Theft of 4,500 Patients’ PHI BY Former Arkansas Children’s Hospital Employee Being Reviewed

A former staff member of Arkansas Children’s Hospital is being investigated by law authorities in relation to the theft and misuse of patients’ protected health information. The breach notice submitted to the Department of Health […]

HIPAA Advice

HIPAA Certification Explained

Many suppliers would like HIPAA certification to confirm they are fully compliant with HIPAA Rules and are knowledgeable with all parts of the Health Insurance Portability and Accountability Act (HIPAA), but can HIPAA certification be […]

GDPR News

First GDPR Ruling Issued in German Courts

Last Monday (July 9) a German court, in the first decision applying the General Data Protection Regulation (GDPR), ruled that data collection that exceeds what is necessary to achieve legitimate business purposes breaches one of the basic […]

HIPAA Updates

Humana Reports Cyber Spoofing Attack

Humana is contacting members across the US to notify them that their PHI may have been been accessed during a ‘sophisticated’ spoofing campaign. A spoofing attack refers to a concerted effort by a threat actor […]