The a stolen laptop computer from a healthcare supplier belonging to Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, Inc. (MEEI) has lad to a settlement of $1.5 million with the HHS Office for Civil Rights for HIPAA breaches. The U.S....

The Office for Civil Rights and the Office of the National Coordinator have both recently provided guidelines and tips which healthcare professionals can use to ensure that their devices are made secure and ePHI is properly safe. The advice has been issued on...

Experian credit bureau has released a new report that predicts that 2014 will see a surge in  data breaches. The report also foresees that the healthcare industry will most targeted. The report says that the reason healthcare is so attractive to hackers is the sheer...

On 26th September, Lori Stein attended Cotton-O’Neil Diabetes and Endocrinology Center in Topeka and met with an endocrinologist for an appointment. Lori Stein´s checkup was standard in order to monitor her diabetes, but during her consultation she inquired if she...

Healthcare organizations and their business client are facing fines for non-compliance following the introduction of new regulations which secure the privacy of patients and the security of their personal information. The Omnibus Final Rule was passed earlier this...

Many healthcare groups were unwilling to implement the use Google Apps because under the new HIPAA rules, Google would have to sign a Business Associate agreement; something the internet giant had not completed. Google has now agreed to remove this obstacle and sign a...

The Privacy Rule amended the Health Insurance Portability and Accountability Act of 1996 to give people better controls over how their medical history can be used and disclosed to third parties. The Rule now prevents the disclosure or use of patient PHI for the...

The passing of the Omnibus Rule extended HIPAA’s reach to include business associates of HIPAA-covered bodies and requires them to comply with the same set of standards as the healthcare organizations with which they work. Business Associates are defined as any...

Advocate Health Care, one of the nation’s biggest healthcare suppliers, has announced that it has experienced a major HIPAA security breach after four unencrypted laptops were illegally taken from the Advocate Medical Group administrative buildings in Park Ridge,...

In a recent report from Spyglass Consulting, it is not just doctors who are signing up to medical BYOD schemes; nurses too are now registering and 69% of those polled said they bring their own mobile device to work with them. Mobile devices are not permitted to be...

Cedars-Sinai Hospital in Los Angeles was selected by reality TV star Kim Kardashian and Rapper Kayne West as the hospital to have their daughter delivered. Their baby was born on June 15th, but three days later some staff members started looking at the medical records...

L.A Times has published an article which has revealed that a sequence of events has run which has now lead to in Shasta Regional Medical Center (SRMC) agreeing to a settlement of $275,000 for its breaches of the Health Insurance Portability and Accountability Act...

The accidental disclosure of electronic Protected Health Information stored on one of Idaho State University's servers has led to the Department of Health and Human Services’ Office for Civil Rights has issuing a large fine. The University discovered that a server...

Mobile devices being stolen may be one of the main causes of HIPAA breaches, although human mistakes can easily lead to patient health data being accessible, with Dent Neurologic the latest healthcare group to suffer a major HIPAA breach due to the actions of a member...

Raleigh Orthopedic Clinic arranged for its X-ray films to be brought up to date and converted to digital media, the healthcare organization sought external assistance from a third party vendor. After locating a supplier that could offer the service and the selected...

The Office for Civil Rights (OCR) of the HHS has issued the largest ever financial penalty, $4.8m, for a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. The data breach happpened when a computer server...

Protected Health Information can easily be accessed by an unauthorized personnel if a document is left in a photocopier after copies have been made; however digital photocopiers can expose the personal health data of hundreds of thousands of people. When copies of...

A New York identity thief who stole the medical information of almost 1000 patients and committed $10.7 million in Medicare fraud has been found guilty of HIPAA violations by a New York federal court and given a 12-year sentence in a federal penitentiary. Over a...

A 911 dispatch office in Monroeville, Pittsburgh is being reviewed for a possible violation of the Health Insurance Portability and Accountability Act (HIPAA) after failing to secure protected health information. The Office for Civil Rights of the U.S. Department of...

The HIPAA Omnibus Rule comes into today, March 26, and amends existing HIPAA regulations to provide greater security for patient data; extending the reach of HIPAA and changing regulations to bring them in line with the Health Information Technology for Economic and...

According to Health Insurance Portability and Accountability Act (HIPAA) regulations, healthcare organizations must report data violations involving more than 500 people to the Office of Civil Rights and financial sanctions apply for HIPAA breaches; however security...

The passing of the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009 updated HIPAA, and as such it obliged the Department of Health & Human Services’ Office for Civil Rights (OCR) to complete a program of compliance audits to make...

An official announcement has been released by the Office of the Massachusetts Attorney General that a settlement has now been agreed with South Shore Hospital. The healthcare supplier will have to pay a fine of $750,000 for violations of the state Consumer Protection...

Boston Children’s Hospital has released a press statement revealing a laptop issued to one of its staff member has been lost at a conference in Buenos Aires; possibly exposing the protected health records of 2,159 of its patients. The laptop had basic security...

Before publishing Protected Health Information on any public website it is vital that the medium is reviewed for security risks. If a website is owned or controlled by a third party or a cloud service is supplied, a signed business associate agreement must also be...

The Office for Civil Rights has released a statement confirming that a settlement has been agreed with Adult & Pediatric Dermatology, P.C., of Concord, Massachusetts after the accidental disclosure of almost 2,200 patients after a memory stick was taken from the...