HIPAA Settlement: Business Associate Mistake Results in $750K Fine
The Office for Civil Rights has its hands full this year with HIPAA settlements. In the latest settlement, Raleigh Orthopaedic agreed to pay $750,000 for improperly disclosing protected health...
View ArticleHIPAA Settlement Casts NY Med in the Spotlight
The ABC show ‘NY Med’ is promoted as a show that highlights compassionate surgeons who change people’s lives with medical brilliance. It might be time to toss in some HIPAA brilliance as well. New...
View ArticleClik here to view.
An Inside Look at Healthcare Breaches
We want to take a moment to shine the spotlight on the developing nature of data breaches in the healthcare industry. Many reports recapping data breaches in 2015 are reporting the increase of data...
View ArticleClik here to view.
Negative Reviews Leading to a HIPAA Violation?
Is your healthcare organization violating HIPAA when responding to patient reviews on Yelp? Some healthcare professionals seem to have a tough time adapting to the world of sites like Yelp or RateMDs...
View ArticleOCR Bulletin: Patch Management Best Practices
The Office for Civil Rights (OCR) is focusing on the security risks involved with vulnerabilities in third-party software and applications this month. OCR released a bulletin highlighting best...
View ArticleOCR Announces First Business Associate HIPAA Settlement
Business associates beware! The Office for Civil Rights (OCR) is starting to target business associates with fines for HIPAA violations. OCR agreed to its first settlement with a business associate –...
View ArticleHIPAA Settlement: Heavy Fine for Small Breaches
If you thought smaller breaches didn’t catch the OCR’s attention, the latest HIPAA settlement may come as a surprise. Compared to other large breaches – with millions of compromised records – two...
View ArticleClik here to view.
Is Ransomware a Breach Under HIPAA?
With the dramatic rise in ransomware, there has been much speculation on whether ransomware attacks constitute a reportable breach under HIPAA. The Department of Health and Human Services (HHS) issued...
View ArticleHIPAA Settlement: $2.75 Million Penalty
University of Mississippi Medical Center (UMMC) agreed to a settlement with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) over multiple HIPAA violations that surfaced...
View ArticleOCR Sends Message with Record-Breaking HIPAA Fine
The Office for Civil Rights (OCR) took another major step with HIPAA enforcement by issuing the largest fine ever levied against a single healthcare entity. OCR entered a $5.55 million settlement with...
View ArticleClik here to view.
Smaller Healthcare Breaches to Receive More Attention from the OCR
The Office for Civil Rights (OCR) has been aggressive about enforcing HIPAA regulations this year. And we are likely to see the scope of their investigations widen. Currently, the OCR investigates all...
View ArticleClik here to view.
HHS Issues Important Cloud Computing Guidance
There has historically been confusion surrounding cloud service providers (CSP) and their related HIPAA compliance. To help provide clarity, the Department of Health and Human Services’ Office for...
View ArticleHIPAA Settlement Shows Importance of Business Associate Agreements
Vendor contract issues lead to yet another HIPAA violation as the Office for Civil Rights (OCR) cited the lack of business associate agreements in their latest settlement. OCR reached a settlement...
View ArticleHealthcare Ransomware Attack Leads to Breach Notification
A breach notification was recently sent to the Department of Health and Human Services, as well as to 33,000 affected individuals after a ransomware attack on a health clinic in Texas. Ransomware...
View ArticleOffice for Civil Rights Releases Important Update on HIPAA Audits
The Office for Civil Rights (OCR) released an update on the latest round of HIPAA audits that kicked off in July. What’s Been Done The second round of HIPAA audits got under way when a list of covered...
View ArticleSimple Slipup Leads to $2 Million HIPAA Settlement
The Office for Civil Rights (OCR) has settled another enforcement action, this time with St. Joseph Health (SJH). SJH provides a wide array of healthcare services, including 14 hospitals, home health...
View ArticleClik here to view.
Healthcare Organizations Must Comply with HIPAA and the FTC Act
Healthcare organizations spend a significant amount of time and resources on HIPAA compliance. But in addition to HIPAA regulations, organizations that collect and share consumer health information...
View ArticleClik here to view.
Phishing Alert: Healthcare Entities Targeted With Fake OCR Emails
Healthcare entities should be on the lookout for new phishing emails impersonating the Department of Health and Human Services Office for Civil Rights (OCR). The OCR is the government agency that...
View ArticleClik here to view.
University Settles with OCR Over 2013 Data Breach
Another university finds itself settling with the Office for Civil Rights (OCR) over HIPAA violations. The University of Massachusetts Amherst (UMass) agreed to a $650,000 settlement with OCR for a...
View ArticleClik here to view.
OCR Alert: Tips to Prevent DDoS Attacks
The Department of Health and Human Services Office for Civil Rights (OCR) has issued awareness guidance to give healthcare organizations tips to prevent Distributed Denial-of-Service (DDoS) attacks....
View Article