HIPAA Updates

44,600 Patients Affected by Ransomware Attack at Golden Heart Administrative Professionals

AK-based billing company, Golden Heart Administrative Professionals, a Fairbanks is alerting 44,600 people that some of their protected health information has potentially been obtained by unauthorized people due a recent ransomware attack. The ransomware was […]

HIPAA Advice

Microsoft Outlook and HIPAA Compliance

Software or an email application platform can never be completely HIPAA compliant, as compliance is dependent on how the software is being used rather than the software itself. However, software and email services can make […]

HIPAA Updates

Potential Theft of 4,500 Patients’ PHI BY Former Arkansas Children’s Hospital Employee Being Reviewed

A former staff member of Arkansas Children’s Hospital is being investigated by law authorities in relation to the theft and misuse of patients’ protected health information. The breach notice submitted to the Department of Health […]

HIPAA Advice

HIPAA Certification Explained

Many suppliers would like HIPAA certification to confirm they are fully compliant with HIPAA Rules and are knowledgeable with all parts of the Health Insurance Portability and Accountability Act (HIPAA), but can HIPAA certification be […]

GDPR News

First GDPR Ruling Issued in German Courts

Last Monday (July 9) a German court, in the first decision applying the General Data Protection Regulation (GDPR), ruled that data collection that exceeds what is necessary to achieve legitimate business purposes breaches one of the basic […]

HIPAA Updates

Humana Reports Cyber Spoofing Attack

Humana is contacting members across the US to notify them that their PHI may have been been accessed during a ‘sophisticated’ spoofing campaign. A spoofing attack refers to a concerted effort by a threat actor […]

HIPAA Advice

Penalties for Nurses Violated HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules must be adhered to by all covered bodies and their business associates. If it is found that they do not comply […]

HIPAA Advice

How to Comply with HIPAA Password Requirements

HIPAA password requirements state that processes must be implemented for setting up, amending, and securing passwords unless an alternative, equally-effective security measure is adapted. We feel that the best manner to comply with the HIPAA […]

HIPAA Advice

HIPAA Retention Requirements Explained

The small distinction between HIPAA medical records retention and HIPAA record retention can lead to some confusion when discussing HIPAA retention requirements. This article seeks to explain what records need to be retained under HIPAA, […]

HIPAA Updates

HealthEquity Phishing Attack Exposes PHI

HealthEquity Inc. has been hit by a phishing attack leading to the exposure of members’ protected health information. The data breach was restricted to one email account, although a review of the messages in the […]

HIPAA Advice

HIPAA and its Purpose

HIPAA (The Health Insurance Portability and Accountability Act) is an vital legislative Act that impacts the U.S. healthcare secor, but what is the purpose of HIPAA? Healthcare workers often complain about the limitations imposed by […]

Compliance Vendor News

Egnyte Launches One-Click GDPR Compliance Tool

Startup software vendor Egnyte is launching a one-click compliance solution for the GDPR. This tool aims to reduce the amount of time that companies need to spend on GDPR compliance. Using machine learning features, this […]

HIPAA Advice

Responsibilities of a HIPAA Compliance Officer

The Healthcare Insurance Portability and Accountability Act states that that an individual(s) within a Covered Entity or Business Associate must be assigned the duties of HIPAA Compliance Officer. The individual filling this role can be […]

Cybersecurity

Healthcare Organizations Slow to Adopt DMARC

By implementing the Domain-based Message Authentication, Reporting and Conformance (DMARC) Standard, healthcare organizations can identify and restrict email spoofing and abuse of their domains; however, relatively few healthcare groups are using DMARC for spam filtering, […]

HIPAA Updates

Release Form for HIPAA

A completed and signed HIPAA release form must be obtained from an individual before their protected health information can be distributed to other people or groups, except in the case of routine disclosures for treatment, […]

HIPAA Updates

Minnesota Ransomware Attack Impacts Over 6,500 Patients

Associates in Psychiatry and Psychology (APP) a Rochester, Minnesota-based health organization has suffered a ransomware attack that targeted several computers that stored patients’ protected health data. The ransomware attack was identified on March 31, 2018. […]

HIPAA Advice

What is the Significance of HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is a pivotal piece of legislation, but why is HIPAA so significant? What alternations did HIPAA introduce and what are the advantages that it allocate to the […]

Cybersecurity

NIST Cybersecurity Framework Version 1.1 Released

The National Institute of Standards and Technology published an updated version of its Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) on April 16, 2018. The Cybersecurity Framework was first made available on February 2014 and has […]

HIPAA Updates

Potential PHI Compromise May Have Impacted 582,000 Patients of California Dept. of Developmental Services

582,174 patients of the California Department of Developmental Services (DDS) is contacting customers to inform them that their protected health information has possibly been compromised. Last February 11, 2018, some people broke into the DDS […]

HIPAA Updates

Cambridge Health Alliance Suffers PHI Breach

Law enforcement agencies have notified Cambridge Health Alliance (CHA) that the protected health information of some of its subscibers has been obtained by an unauthorized individual. Everett Massachusetts Police Department alerted, on January 31, 2018, […]

Cybersecurity

Liquid Web and HIPAA Compliance

Healthcare groups seeking a hosting solution may identify Liquid Web as a possible vendor, but is Liquid Web HIPAA compliant? Can its cloud management services be used by HIPAA-covered bodies for hosting applications and projects […]

HIPAA Updates

Threat Detection and Information Sharing in Healthcare Strengthened by NH-ISAC Partnership with Anomali

Anomali has teamed up with the National Health Information Sharing and Analysis Center (NH-ISAC) and will be supplying threat intelligence to healthcare groups through NH-ISAC. Anomali will be supplying NH-ISAC with the necessary tools and […]

HIPAA Updates

How Can You Obtain HIPAA Certification?

Many business are seeking HIPAA certification to confirm they are fully compliant with HIPAA rules and understand all parts of the Health Insurance Portability and Accountability Act (HIPAA). Due to this many are asking is […]

HIPAA Advice

Social Media Rules and HIPAA Rules

HIPAA was established many years before social media networks such as Facebook evolved, so there are no official HIPAA social media rules. However, there are HIPAA standards and regulations that apply to social media use […]

No Picture
HIPAA Advice

HIPAA and Texting Violations

To refer to texting as a violation of HIPAA is not strictly correct. Depending on the body copy of the text message, who the text message is being shared with, or mechanisms put in place […]