Following the presidential declaration of an emergency in Louisiana and Mississippi due to Hurricane Ida, the Secretary of the Department of Health and Human Services has declared that a public health emergency exists in those states and has announced HIPAA sanctions and...
Who Can Sue for a HIPAA Violation?
Who can sue for a HIPAA violation? Unlike the California Consumer Privacy Act (CCPA), there is no private cause of action in HIPAA, so that means a patient cannot sue for a HIPAA breach even if their protected health information has been impermissibly disclosed or...
Hackers Focusing on Small & Medium-Sized Practices
During the past twelve months, the number of recorded ransomware attacks against healthcare organizations – particularly small and medium-sized practices – has increased significantly. Security experts believe the increase in recorded ransomware attacks is...
What to do Following an Accidental HIPAA Violation
The vast majority of entities covered by the Health Insurance Portability and Accountability Act (HIPAA) provide regular training to employees on their responsibilities under HIPAA, and employees are diligent and take care not to violate the HIPAA Rules or put patient...
HIPAA Certification Explained
Many suppliers would like HIPAA certification to confirm they are fully compliant with HIPAA Rules and are knowledgeable about all parts of the Health Insurance Portability and Accountability Act (HIPAA), but can HIPAA certification be achieved in order to confirm...
Can you ask for Proof of COVID-19 Vaccine Status?
Due to the volume of federal, state, and international privacy regulations, it is understandable some businesses may be uncertain about whether you can ask for proof of COVID-19 vaccination status. The short answer to the question is yes. There are no federal, state,...
How to Comply with HIPAA Password Requirements
Although the text of HIPAA contains only one reference to passwords, there are several other areas of the Act in which it is inferred HIPAA password requirements exist. For example, under the Technical Safeguards of the Security Rule (45 CFR § 164.312), covered...
HIPAA Breaches & Healthcare Students
The value of providing healthcare students with Health Insurance Portability and Accountability Act (HIPAA) training cannot be underestimated as it can prevent serious data breaches from occurring while also increasing the employability of the individuals who...
HR Managers & HIPAA Compliance
Most HR managers will be aware that if the organization operates a self-funded health insurance plan which is also self-administered, employees with access to protected health information (PHI) are required to undergo HIPAA training. HIPAA training should be provided...
Releasing Patient Information Without Authorization
It is crucial that all members of staff at a HIPAA-governed entity are completely aware of their obligations under the data privacy legislation; if not, it could lead to financial penalties for the organization and other ramifications for the individual responsible...
How Should You Promote HIPAA Awareness in Your Organization?
Every HIPAA-covered entity must conduct HIPAA training on an ongoing basis to ensure that all employees know what they must do to avoid a HIPAA breach occurring. Equally important as conducting the training is choosing the best time to do so. There is an obligation on...
HIPAA & Telehealth Types Explained
Telehealth is an area that requires particular attention when addressing Health Insurance Portability and Accountability Act (HIPAA) compliance, so it is important to be aware of the many different types of telehealth that have been created to...
How to Anonymize PHI & the De-identification of Protected Health Information
Healthcare groups and their business associates that want to transmit or share protected health information must do so in line with the HIPAA Privacy Rule, which restricts the potential uses and disclosures of PHI, but de-identification of protected health information...
HIPAA Breach Cases 2020
Listed here is a summary of some of the most significant HIPAA breach cases that have led to settlement agreements with the Department of Health and Human Services’ Office for Civil Rights (OCR). We have also listed some cases that have been pursued by OCR after a...
Can you Configure Amazon Alexa in an Entity to be HIPAA Compliant?
HIPAA compliance is already provided by Amazon for its cloud platform AWS and the group is aiming to increase the use of the Alexa voice recognition technology within the healthcare sector. There is great potential for Alexa to make a lot of workflows much more...
Can a Patient Take Legal Action in Relation to a HIPAA Violation?
Currently, there is no private cause of action in HIPAA, so a patient cannot take legal action for a HIPAA violation. Even if HIPAA Rules have clearly been breached by a healthcare provider, and harm has been sustained due to this, it is not possible for patients to...
HIPAA Social Media Rules
Because HIPAA was enacted a number of years prior to the evolution of social media platforms, there are no provisions specifically addressing social media networks and PHI in the HIPAA text. However, this does not mean HIPAA does not apply to social media networks. In...
HIPAA Compliance Guide
Using a HIPAA compliance guide will put you in a position to allow your group and your business associates to gain a proper understanding of the requirements associated with the Health Insurance Portability and Accountability Act (HIPAA). It is vital that all...
Coronavirus and HIPAA Compliance
The Health Insurance Portability and Accountability Act (HIPAA) Rules still apply during public health emergencies such as the 2019 Novel Coronavirus (SARS-CoV-2) outbreak. When preventing and dealing with cases of COVID-19, the respiratory disease caused by...
HIPAA Compliance and the Use of Technology
As the number of medical professionals using personal mobile devices to communicate and collaborate on patient concerns increases, it becomes more and more important to ensure that healthcare groups address the use of technology and HIPAA compliance. Many forms of...
Healthcare Cybersecurity
Healthcare cybersecurity is an increasing problem for organizations. Recent years have seen hacking and IT security incidents steadily increase and many healthcare organizations have struggled to secure their network perimeter and keep cybercriminals away. 2015 was...
HIPAA Telemedicine Guidelines
The HIPAA guidelines on telemedicine are relevant for all medical professionals or healthcare groups that provide a remote service to patients in their homes or in community centers. Many people wrongly think that communicating ePHI at a distance is allowable when the...
HIPAA History
Our review of HIPAA history begins on August 21, 1996, when the Health Insurance Portability and Accountability Act (HIPAA) was enacted into law, but why was the HIPAA Act formulated? The HIPAA Act was formulated to “improve the portability and accountability of...
HIPAA Compliance and Skype
Skype Text and messaging platforms like it are a very convenient way of quickly sending data; however, there is still some discussion around how HIPAA compliant Skype actually is. The Skype service incorporates security measures to stop unauthorized access of...
Healthcare Groups Discovered Not to be Adhering to NIST CSF and HIPAA Rules
The results of recent research conducted by the consultancy firm CynergisTek have shown that healthcare groups are not adhering to NIST Cybersecurity Framework (CSF) controls and the HIPAA Privacy and Security Rules. For the study, CynergisTek reviewed the results of...
February 2018 Healthcare Data Breaches Summary
Our February 2018 healthcare data breach report lists the major data breaches reported by healthcare groups, health plans, and business associates in February 2018. Even though February is a shorter month, there was a rise in the number of healthcare data breaches...
Amazon Web Services and HIPAA Compliance
Amazon Web Services has all the security requirements to adhere to the HIPAA Security Rule and the company is willing to complete a business associate agreement with healthcare groups. So, is AWS HIPAA compliant? The answer is both Yes and No. AWS can be deemed as...
Can Google Drive be Deemed HIPAA Compliant?
In order to properly address the question, “Is Google Drive HIPAA compliant?” there are a number of factors to consider. This is due to the fact that HIPAA compliance is less about specific technologies and more about how technologies are utilized. Any software...
Easy EHR Issues Reporting Challenge Winners Announced by ONC
The winners of the Easy EHR Issues Reporting Challenge have been announced by the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC). At present, reporting EHR safety concerns is a tiresome process that...
Virtua Medical Data Breach Agrees €200,000 Settlement with Business Associate
A $200,000 settlement has been agreed with Best Medical Transcription in relation to HIPAA breaches that were discovered during an investigation of a 2016 breach of 1,650 clients’ protected health information. Best Medical Transcription, a business associate of Virtua...