HIPAA Updates

In May, The University of Rochester Medical Center experience a data violation after a member of staff took the Protected Health Information (PHI) of patients to a new employer, The employee in question,  who was […]

A recent ePHI data security audit completed by the New York Office of the State Comptroller has seen Roswell Park Cancer Institute pass with no HIPAA violations identified. The healthcare provider was commended for the […]

Two employees who retained the Protected Health Information (PHI) of patients after their employment at Arkansas Children’s Hospital was terminated, did not violate the Health Insurance Portability and Accountability Act (HIPAA) according to a rulign […]

The FCC has recently clarified it the rules regarding HIPAA and patient telephone calls, but fails to properly consider automated telephone calls. There has been some confusion reported by healthcare authorities over the rules regarding […]

Electronics giant Samsung has yet to issue a fix for a  a security vulnerability existing on Samsung Galaxy devices, 7 months after the company was first alerted to it. A hacking vulnerability affecting S3 to […]

A survey recently released by Healthcare Information Security Today (HIST) shows many Covered Entities (CEs) are making the same compliance errors that were uncovered during the initial phase of audits. It has been three years […]

Microsoft has revealed it will be stopping ceasing patches and software updates for Windows Server 2003 on July 15, 2015. Any HIPAA-covered body that is still running the defunct software on any of its servers […]

A former business owned by Crown Point Medical Tests has breached the Health Insurance Portability and Accountability Act (HIPAA) after it did not securely dispose of files containing the Protected Health Information (PHI) of at […]

Cybercriminals are stealing healthcare IT devices to gain access to Protected Health Information (PHI) so they can can make false insurance claims, apply for credit, and obtain medical prescriptions and services. This is one of […]

North Dakota and Nevada have updated their breach notification laws this year, joining the growing list of states to do so. In May 2017, new laws were passed to tighten up the legislation and expand […]

The Department of Health and Human Services’ Office for Civil Rights has confirmed – to Fierce Health IT – that its preliminary HIPAA surveys have now been issued, marking the start of the 2015 HIPAA […]

A Business Associate (BA) of the University of Pittsburgh Medical Center has issued a notification to  the healthcare center, and many other clients, of a HIPAA breach caused by a member of staff. The now […]

According to HIPAA Rules, healthcare providers and other covered entities (CEs) are allowed to use the Protected Health Information (PHI) of patients – and share this data with others – provided that this data has […]

Protected Health Information (PHI) is kept secure  under Health Insurance Portability and Accountability Act Rules, which requires adherence from covered entities (CEs) to put in place a number of controls to ensure that healthcare data […]

The second round of HIPAA compliance audits have yet to commence, the last round was  in 2012, but they are supposedly returning and will be bigger and bolder than before. The Department of Health and […]

Microsoft Office 365 cloud services for the healthcare industry has been awarded the highest possible HITRUST CSF rating – achieving a maximum score of five – in a certification review of its security and privacy […]

Law firm, Day Pitney LLP, has released a warning to healthcare workers to be careful when disclosing Protected Health Information, even when asked to supply medical records to attorneys under subpoena. A Connecticut Supreme Court ruling in November […]

The last month has seen  one HIPAA data breach affecting 150,000 individuals and another where affecting 11 million individuals. Both incidents have were experienced this month, with the most recent large data breach affecting almost three times the […]

An Illinois house committee will be meeting soon to debate the privacy issues raised by the installation of web based video cameras in nursing home residents’ bedrooms and how HIPAA Rules and the Wiretap Act […]

The Medical College of Wisconsin has release a statement revealing that a data breach suffered has affected approximately 400 of its patients. WDJT Milwaukee, an affiliate of CBS, was contacted on Feb 28, 2015 by […]

The Aventura HIPAA breach, discovered in June 2014, has lead to a lawsuit being filed by a patient of the hospital, according to a Courthouse News Service report. The lawsuit was taken by Aventura patient, Kellie Lynn Case, […]

Recent progress in technology have allowed wearable devices to be developed to monitor health and fitness, and while these gadgets, monitors and sensors can significantly improve healthcare, they also carry a great danger of HIPAA […]

Late last week the Senate Health, Education, Labor and Pensions committee revealed thathealthcare IT security is to be addressed and that it will “take up the matter as part of a bipartisan review of health […]

The deadline for making security breaches, affecting less than 500 people, from 2014 known is coming in the next three weeks. Any healthcare supplier or other covered entity that has not filed all 2014 breach […]

The HHS has reacted to a letter sent by Representative Peter DeFazio (D-OR) asking for greater transparency on HIPAA Rules relating to the mobile health industry, and has confirmed that the OCR will be working […]

  The App Association (ACT) – an advocacy and educational group set up to represent mobile app developers – recently wrote to the Office for Civil Rights seeking clarification on HIPAA privacy rules, and how […]

After the success of its HIPAA Enterprise Platform, Caspio has revealed it will now be offering HIPAA Compliant Professional Services for App Development, Caspio, a major cloud platform provider, offers its platform-as-a-service to businesses and […]

January 1 normally sees many announcements from hospitals around the country advising the public of the first babies to be born in the New Year; however 2015 has seen less hospitals opting to make the […]

As reported recently on Bloomsberg News, pharmaceutical companies are using patient PHI to market their products, even though they are not allowed to have access to this information in accordance with HIPAA regulations, HIPAA covered […]

In order to adhere with Health Insurance Portability and Accountability Act regulations it is vitally important that all healthcare and health plan suppliers use appropriate security measures to keep the personal and medical information of […]

The Early Learning Coalition of Palm Beach County has revealed that a now departed member of staff has inappropriately accessed a database containing the medical records of up to 230,000 patients. The database included personal […]

The Texas Health and Human Services Commission (THHSC) hasreported a 2 million-record HIPAA breach by Xerox to the Department of Health and Human Services’ Office for Civil Rights. Allegedly Xerox did not returned PHI following […]

The Department of Health and Human Services’ HIPAA Security Rule has said, in an official release, that healthcare entities and their business associates must put in place measures to protect private and confidential data of […]

An appeal against the $1.44 million award for damages by Walgreen Co. has been lost. The group was  it was ordered to pay the fine after a HIPAA Privacy Rule breach lead to confidential patient […]

Software companies and mobile phone application developers are worried about HIPAA regulations and have argues that the legislation is hampering new innovation. The industry has recognized the for stringent controls to ensure data is recorded, […]

A recent ruling by the Connecticut Supreme Court could allow for an influx of lawsuits from victims of theft and fraud who have had their secured private health information disclosed and have suffered losses or harm […]

The CMS has announced  that the rule that a national health plan identifier must be used for transactions has now been “delayed until further notice”. The Office of E-Health Standards and Services of the CMS […]

On October 2, The Office of the National Coordinator for Health Information Technology (ONC) released a report to congress providing guidance and recommendations on how new technology can be used in healthcare and how the safe […]

A supplierer diagnostic radiology services has revealed that it has experienced a data breach that has potentially exposed the billing information and personal identifiers of 307,000 individuals from all across the U.S.A. Touchstone Medical Imaging, […]

The Colorado Department of Health Care Policy and Financing has, accidentally, disclosed protected health information on patients and is in breach of HIPAA regulations following a recent mailshot. The breach has now been publicly revealed and […]

On Tuesday 30th September, California Governor Edmund Brown signed off on new legislation to improve the level of privacy protection for citizens of California. The new set of bills introduced a number of amendments to the […]

The main focus at the the 7th annual conference, Safeguarding Health Information: Building Assurance Through HIPAA Security held this month in Washington D.C. was to highlight the current state of health information management and to explore the use […]

Aventura Hospital and Medical Center has announced a new security breach, the third suffered in the last two years, which has affected up to 82,601 individuals. The healthcare provider has only recently discovered the breach, […]

The second round of HIPAA compliance audits has been put off until 2015 to give the OCR additional time to test its new internet portal. This next round of audits was initially scheduled to take […]

In the wake of high profile data breaches in recent months, in particular the breach of PHI across 209 hospitals run by CHS, compliance with HIPAA regulations is now high on the agenda, especially considering […]

The recently passed HIPAA Omnibus Rule, normally labelled as the Megarule due to its extensive amendments to existing legislation , updates the Health Insurance Portability and Accountability Act (1996) expanding its reach to include business […]

Violations of HIPAA regulations, failures to ensure compliance and for accidentally causing the privacy of patients to be compromised will lead to healthcare organizations facing heavy fines. Criminal charges may also be filed if it […]

An Illinois a class action lawsuit that arose from the Massive HIPAA breach affecting the healthcare provider last August has been thrown out by circuit court in Kane County. The incident possibly exposed the data […]

A civil action lawsuit arising from HIPAA violations caused by a physician at the Johns Hopkins Health System has been settled for a $190 million. The settlement arose due to a HIPAA Privacy Rule violation […]

Texan prosecutors recent;y filed an indictment in the Tyler District Court against Joshua Hippler, a 30-year-old former worker at an unnamed hospital in East Texas. In accordance with the Health Insurance Portability and Accountability Act […]

Over the past year the number of reported violations of Health Insurance Portability and Accountability Act (HIPAA) regulations has gone through the roof. The Department of Health and Human Services has seen a massive increase […]

The state of healthcare compliance in the US has been reviewed by PriceWaterhouseCoopers, following a survey carried out this summer. A report on the survey findings has now been released with the results showing that […]

A recent comparative study completed on mobile phone users on both sides of the Atlantic has shown the differences and similarities in opinions about the security of mobile phones and the data they carry. The […]

The largest ever financial penalty for violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules has been issued this by the Office for Civil Rights (OCR) of the HHS […]

The Office for Civil Rights (OCR) has revealed that it is to restart HIPAA compliance audit program this fall. Phase 2 will include 350 compliance audits which will be carried out on healthcare providers, healthcare […]

Carrying out an in depth risk assessment is a requirement under the HIPAA Security Rule; however it can be a complex process calling for all potential security weaknesses to be identified. The process can be […]

A recent announcement from the Ponemon Institute has shown the serious threat cyber attacks pose the healthcare industry and should serve as a warning that security must be improved. The cost to the industry is massive. Data […]

The Office for Civil Rights of the Department of Health and Human Services is moving closer to commencing the next round of HIPAA compliance audits issuing a notice in the Federal Register stating its intention […]

A new data security report issud by healthcare IT security firm Redspin suggests the number of data breaches made known to the U.S. Department of Health and Human Services has increased by 138% over the […]

All covered entities must  submit annual reports of HIPAA breaches to the U.S Department of Health and Human Services and the deadline for filing 2013 breaches is coming quickly. While there is a requirement under […]

Windows XP will no longer be HIPAA or meaningful use compliant in six weeks on some or all workstations,  so there is a deadline of April 8 for organizations to migrate to a new OS as […]

The Health Information Trust Alliance (HITRUST) has revealed that version seven of the HITRUST Common Security Framework (CSF) – due to be issed later this month – will include a number of new privacy controls. HITRUST […]

President Obama is increasing up efforts to minimize gun violence; however some legal obstacles remain and the HIPAA Privacy Rule is currently obstructing the reporting of important information to the National Criminal Background Check System. […]

A new HIPAA security breach has been discovered in Virginia involving 919 patients from the Riverside Health System which runs five hospitals in the Southeast Virginia area. The data violation did not involve tens of […]

The a stolen laptop computer from a healthcare supplier belonging to Massachusetts Eye and Ear Infirmary and Massachusetts Eye and Ear Associates, Inc. (MEEI) has lad to a settlement of $1.5 million with the HHS […]

The Office for Civil Rights and the Office of the National Coordinator have both recently provided guidelines and tips which healthcare professionals can use to ensure that their devices are made secure and ePHI is […]

Experian credit bureau has released a new report that predicts that 2014 will see a surge in  data breaches. The report also foresees that the healthcare industry will most targeted. The report says that the […]

On 26th September, Lori Stein attended Cotton-O’Neil Diabetes and Endocrinology Center in Topeka and met with an endocrinologist for an appointment. Lori Stein´s checkup was standard in order to monitor her diabetes, but during her consultation she […]

Healthcare organizations and their business client are facing fines for non-compliance following the introduction of new regulations which secure the privacy of patients and the security of their personal information. The Omnibus Final Rule was […]

Many healthcare groups were unwilling to implement the use Google Apps because under the new HIPAA rules, Google would have to sign a Business Associate agreement; something the internet giant had not completed. Google has […]

The Privacy Rule amended the Health Insurance Portability and Accountability Act of 1996 to give people better controls over how their medical history can be used and disclosed to third parties. The Rule now prevents […]

The passing of the Omnibus Rule extended HIPAA’s reach to include business associates of HIPAA-covered bodies and requires them to comply with the same set of standards as the healthcare organizations with which they work. […]

Advocate Health Care, one of the nation’s biggest healthcare suppliers, has announced that it has experienced a major HIPAA security breach after four unencrypted laptops were illegally taken from the Advocate Medical Group administrative buildings […]

In a recent report from Spyglass Consulting, it is not just doctors who are signing up to medical BYOD schemes; nurses too are now registering and 69% of those polled said they bring their own […]

Cedars-Sinai Hospital in Los Angeles was selected by reality TV star Kim Kardashian and Rapper Kayne West as the hospital to have their daughter delivered. Their baby was born on June 15th, but three days […]

L.A Times has published an article which has revealed that a sequence of events has run which has now lead to in Shasta Regional Medical Center (SRMC) agreeing to a settlement of $275,000 for its […]

The accidental disclosure of electronic Protected Health Information stored on one of Idaho State University’s servers has led to the Department of Health and Human Services’ Office for Civil Rights has issuing a large fine. The […]

Mobile devices being stolen may be one of the main causes of HIPAA breaches, although human mistakes can easily lead to patient health data being accessible, with Dent Neurologic the latest healthcare group to suffer […]

Raleigh Orthopedic Clinic arranged for its X-ray films to be brought up to date and converted to digital media, the healthcare organization sought external assistance from a third party vendor. After locating a supplier that […]

The Office for Civil Rights (OCR) of the HHS has issued the largest ever financial penalty, $4.8m, for a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. […]

Protected Health Information can easily be accessed by an unauthorized personnel if a document is left in a photocopier after copies have been made; however digital photocopiers can expose the personal health data of hundreds […]

A New York identity thief who stole the medical information of almost 1000 patients and committed $10.7 million in Medicare fraud has been found guilty of HIPAA violations by a New York federal court and […]

A 911 dispatch office in Monroeville, Pittsburgh is being reviewed for a possible violation of the Health Insurance Portability and Accountability Act (HIPAA) after failing to secure protected health information. The Office for Civil Rights […]

The HIPAA Omnibus Rule comes into today, March 26, and amends existing HIPAA regulations to provide greater security for patient data; extending the reach of HIPAA and changing regulations to bring them in line with […]

According to Health Insurance Portability and Accountability Act (HIPAA) regulations, healthcare organizations must report data violations involving more than 500 people to the Office of Civil Rights and financial sanctions apply for HIPAA breaches; however […]

The passing of the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009 updated HIPAA, and as such it obliged the Department of Health & Human Services’ Office for Civil Rights (OCR) to […]

An official announcement has been released by the Office of the Massachusetts Attorney General that a settlement has now been agreed with South Shore Hospital. The healthcare supplier will have to pay a fine of […]

Boston Children’s Hospital has released a press statement revealing a laptop issued to one of its staff member has been lost at a conference in Buenos Aires; possibly exposing the protected health records of 2,159 […]

Before publishing Protected Health Information on any public website it is vital that the medium is reviewed for security risks. If a website is owned or controlled by a third party or a cloud service […]

The Office for Civil Rights has released a statement confirming that a settlement has been agreed with Adult & Pediatric Dermatology, P.C., of Concord, Massachusetts after the accidental disclosure of almost 2,200 patients after a […]