HIPAA Updates

OCR Proposes HIPAA Changes to Prohibit PHI Disclosures to Law Enforcement for Abortion Prosecutions

The Department of Health and Human Services’ Office for Civil Rights (OCR) has proposed an update to the HIPAA Privacy Rule to strengthen protections for reproductive health care data and bolster patient-provider confidentiality. The proposed […]

Health Data Use and Privacy Commission Act
HIPAA Updates

Investigation Suggests HIPAA Violations by Hospitals That Transfer Website Patient Data to Facebook

Hundreds of U.S. hospitals may be violating the Rules of the Health Insurance Portability and Accountability Act (HIPAA) by including the Meta Pixel tool on their websites, according to an investigation conducted by The Markup/STAT. […]

HIPAA Updates

OCR to Release Video Presentation to Improve Education on Recognized Security Practices under HITECH

In January 2021, the Health Information Technology for Economic and Clinical Health (HITECH) Act was amended (under Public Law 116-321) to require the Department of Health and Human Services to take any recognized security practices […]

Is HIPAA Training Required Annually?
HIPAA Updates

Reminder About Compliance with HIPAA Security Rule Information Access Management and Access Control Standards

Many healthcare data breaches are reported each year that involve unauthorized individuals gaining access to electronic protected health information (ePHI) stored on unsecured servers, including on-premises servers and those of cloud service providers. Without proper […]

HIPAA Updates

HHS Advises HIPAA Covered Entities to Address Vulnerabilities in PACS Servers

A TLP:White Alert has been issued by the HHS’ Health Sector Cybersecurity Coordination Center (HC3) regarding vulnerabilities identified in Picture Archiving Communication Systems (PACS) that hospitals and other healthcare providers and research institutions use for sharing […]

HIPAA Updates

1 Million Impacted in Blackbaud Data Breach

Another four healthcare suppliers have broadcast HIPAA breach alerts  in relation to the Blackbaud ransomware attack and data breach. Just after the Northwestern Memorial HealthCare group revealed that the personal information of 55,983 clients had […]

HIPAA Updates

25,148 Patients Impacted in Ransomware Attack on the Southeastern Council on Alcoholism and Drug Dependence

A ransomware attack has resulted in widespread file encryption at the Southeastern Council on Alcoholism and Drug Dependence (SCADD) in Lebanon, CT. The attack was discovered on February 18, 2019 when problems started to be […]

HIPAA Updates

Several Employees of Claxton-Hepburn Medical Center Sacked due to Inappropriate PHI Access

A not-for-profit 115-bed community hospital in Ogdensburg, NY, Claxton-Hepburn Medical Center has sacked several employees for accessing patient health records without official permission.The PHI breaches were identified during an internal review. It is not yet obvious […]


Uber Settles Data Breach by Paying $148m

Uber, the peer-to-peer ridesharing, taxi cab, food delivery, bicycle-sharing and transportation network company has settled a fine in relation to a 2016 cyber-attack that exposed data from 57 million customers and drivers for $148m. The payment […]