HIPAA Advice

The majority of HIPAA covered bodies, business associates, and healthcare staff take great care to ensure HIPAA Rules are complied with, but what happens when there is accidental HIPAA violation? How should healthcare staff, covered […]

The results of recent research conducted by the consultancy firm CynergisTek has shown that healthcare groups are not adhering with NIST Cybersecurity Framework (CSF) controls and the HIPAA Privacy and Security Rules. For the study, […]

Our February 2018 healthcare data breach report lists the major data breaches reported by healthcare groups, health plans, and business associates in February 2018. Even though February is a shorter month, but there was a […]

HIPAA password requirements state that procedures must be implemented for creating, changing and securing passwords unless a different, equally-effective security measure is chosen. The password requirements under HIPAA are available the Administrative Safeguards of the […]

Amazon Web Services has all the security requirement to adhere with the HIPAA Security Rule and the company is willing to complete a business associate agreement with healthcare groups. So, is AWS HIPAA compliant? The […]

In order to properly address the question, “Is Google Drive HIPAA compliant?” there are a number of factors to consider. This is due to the fact that HIPAA compliance is less about specific technologies and more […]

A $200,000 settlement has been agreed with Best Medical Transcription in relation to HIPAA breaches that were discovered during an investigation of a 2016 breach of 1,650 clients’ protected health information. Best Medical Transcription, a […]

HIPAA-covered organizations must take every possible precaution to ensure protected health information (PHI) sent and received by email is safeguarded both at rest and in transit in order to prevent unauthorized access to patient data. […]

It is vital for all staff members in the healthcare sector to have a firm grasp of what a HIPAA violation is and how to report one. Understanding what a HIPAA violation entails should be […]

The Health Insurance Portability and Accountability Act (HIPAA) brought in many new regulations for healthcare groups, but who polices HIPAA? Which federal departments are charged with making sure HIPAA Rules are adhered to by covered […]

Many healthcare groups have considered the Zoho Office Suite as an alternative software package to organize workflows, but can Zoho be deemed HIPAA compliant? Zoho: What is it? Based in Pleasanton, CA Zoho is developer of […]

Most HIPAA covered bodies, business associates, and healthcare workers take lots of precautions care to ensure HIPAA Rules are adhered to, but what happens when there is accidental HIPAA violation? How should healthcare workers, covered […]

A completed HIPAA release form must be received from a patient prior to their protected health information being shared with other individuals or groups, except in the case of standard disclosures for treatment, payment or […]

A not-for-profit health system that operates Central Washington Hospital, Wenatchee Valley Hospital and a dozen satellite clinics in Central and North Central Washington, has experienced a data breach incident involving a staff member’s email account […]

Does Azure comply with HIPAA? Can Microsoft’s cloud services be implemented by HIPAA covered bodies without breaching HIPAA Rules? Many healthcare groups are considering shifting some of their services to the cloud, and a large […]

The Federal Communication Commission has released a Declaratory Ruling and Order to state the rules in relation to HIPAA and patient telephone calls. Some healthcare suppliers have had difficulty understanding the rules in relation to […]

Software or an email application platform can never be completely HIPAA compliant, as compliance is dependent on how the software is being used rather than the software itself. However, software and email services can make […]

Many suppliers would like HIPAA certification to confirm they are fully compliant with HIPAA Rules and are knowledgeable with all parts of the Health Insurance Portability and Accountability Act (HIPAA), but can HIPAA certification be […]

The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules must be adhered to by all covered bodies and their business associates. If it is found that they do not comply […]

The Alaska Department of Health and Social Services (ADHSS) is contacting ‘more than 500’ individuals to inform them that some of their protected health information (PHI) may have been accessed by hackers. On April 26, […]

Who can sue for a HIPAA violation? There is no private cause of action in HIPAA, so a patient cannot sue for a HIPAA vbreach. Even if HIPAA Rules have clearly been broken by a […]

HIPAA password requirements state that processes must be implemented for setting up, amending, and securing passwords unless an alternative, equally-effective security measure is adapted. We feel that the best manner to comply with the HIPAA […]

The small distinction between HIPAA medical records retention and HIPAA record retention can lead to some confusion when discussing HIPAA retention requirements. This article seeks to explain what records need to be retained under HIPAA, […]

HIPAA (The Health Insurance Portability and Accountability Act) is an vital legislative Act that impacts the U.S. healthcare secor, but what is the purpose of HIPAA? Healthcare workers often complain about the limitations imposed by […]

The Healthcare Insurance Portability and Accountability Act states that that an individual(s) within a Covered Entity or Business Associate must be assigned the duties of HIPAA Compliance Officer. The individual filling this role can be […]

The Health Insurance Portability and Accountability Act (HIPAA) is a pivotal piece of legislation, but why is HIPAA so significant? What alternations did HIPAA introduce and what are the advantages that it allocate to the […]

HIPAA was established many years before social media networks such as Facebook evolved, so there are no official HIPAA social media rules. However, there are HIPAA standards and regulations that apply to social media use […]

A web-based document management and storage system, SharePoint is one of the most popular leading collaborative services available, used by 78% of Fortune 500 firms. The service relies on Microsoft’s OpenXML document standard and therefore […]

A web and video conferencing and collaboration platform, WebEx allows businesses connect with remote workers and partners as if they are working on site. Using utilities like WebEx, healthcare groups can interact quickly and easily […]

Dropbox is a widely-used file hosting service operated by many organizations to share files, but what about protected health information? Is the service HIPAA compliant? Dropbox beleives it now supports HIPAA and HITECH Act compliance […]

In May, the global WannaCry ransomware attacks resulted in more than 230,000 computers being infected and encrypted. There were also a high number of other IT security incidents reported to the Department of Health and […]

In order to safeguard the Protected Health Information (PHI) of patients, the Health Insurance Portability and Accountability Act of 1996 placed a number of requirements on HIPAA-Covered Entities (CEs) . Furthermore, the act strictly controls […]

The following article considers the use, benefits and disadvantages of e-signatures in the healthcare industry, and whether they are compliant with HIPAA rules. The increasing utilisation of digital signatures in the healthcare industry increases the […]

The Security Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) reqiores that all covered bodies put in place the appropriate administrative, physical and technical safeguards to keep PHI secure. Failure to […]

Calculating the cost of a HIPAA data violation is not a simple process, at least not until a number of years after a data breach happened. Corrective actions must be taken following a data breach, […]

The Health Insurance Portability and Accountability Act of 1996 is one of the most important pieces of legislation in recent years in regard to the healthcare industry. In spite of its importance, many healthcare providers […]

  Social media networks such as Facebook, Twitter, Instagram and YouTube have the potential to lead to HIPAA breaches as they allow people to stay connected and share information with their friends, families, acquaintances, and […]

The HIPAA Omnibus Rule was passed in March this year, although the OCR gave covered bodies a grace period in which to bring their organizations strategies and procedures up to date with the new regulations. […]

The Omnibus Final Rule of the Health Insurance Portability and Accountability Act came into effect on March 26, after a long period of amendments, deliveration and adjustments. The main aim of the new legislation is […]

The passing of the Omnibus Final Rule, also referred to as the HIPAA Mega Rule due to the extent of that it amends the current legislation, clears up many loose ends that were in place […]

Financial sanctions for healthcare organizations found in breach of HIPAA regulations are to be raised substantially as part of the HIPAA Omnibus Rule, which will also be applied to business associates and their subcontractors. The […]