April 17th, 2017
Last month, Memorial Healthcare System (MHS) agreed to implement a comprehensive corrective action plan and pay a 5.5-million-dollar settlement for the breach of protected health information (PHI) that affected over 100,000 individuals. This is the second largest fine against a covered entity to date, sending a strong message that audit controls will be a key focus for the future. (1)
April 3rd, 2017
In August, Advocate Health Care Network agreed to pay a $5.55 million settlement with the U.S. Department of Health and Human Services Office for Civil Rights (OCR), for multiple HIPAA violations. In addition, HHS also recently announced a $650,000 resolution settlement against the Catholic Health Care Services of the Archdiocese of Philadelphia.
November 15th, 2016
In August, Advocate Health Care Network agreed to pay a $5.55 million settlement with the U.S. Department of Health and Human Services Office for Civil Rights (OCR), for multiple HIPAA violations. In addition, HHS also recently announced a $650,000 resolution settlement against the Catholic Health Care Services of the Archdiocese of Philadelphia.
October 24th, 2016
What is a Business Associate?
Business associates are considered any third-party contractor that performs work or activities on behalf of a healthcare organization or covered entity that involve the use or disclosure of protected health information (1).
October 11th, 2016
In June, the victims of the horrific Orlando shooting at Pulse Nightclub were also victims of a privacy breach when their personal health information was accessed without authorization by a few curious employees at Orlando Health Hospital. The hospital confirmed that employees have previously received HIPAA training on patient privacy. However, they are now retraining staff and increasing auditing and monitoring of patient records in response to the breach. Experts say the hospital could be responsible for penalties up to $100,000 depending on the severity. A high price for personal curiosity.
September 27th, 2016
Section 1557 is the non-discrimination provision of the Affordable Care Act (ACA) that protects individuals from discrimination in health care based on race, color, national origin, age, disability, and sex; including discrimination based on pregnancy, gender identity and sex stereotyping.
July 22nd, 2016
In 2015, Ransomware cost the US Healthcare industry nearly 6 billion dollars. Even more concerning is that there has been a 300% increase in ransomware attacks in 2016, according to a recent report from the U.S. Government.
June 15th, 2016
Most medical practices, healthcare organizations, and clinicians are very familiar with HIPAA rules and regulation. However, the law can be extensively complicated and is often a source of confusion and misinterpretation. According to the Office for Civil Rights (OCR), one of the most common complaints and frequently misunderstood parts of the law involves a patient’s right to access their personal medical records.
May 17th, 2016
Cyber criminals and hackers are targeting the healthcare industry at staggering rates, and huge profits are being made on the black market from patient’s PHI (personal healthcare information). PHI is said to be ten times more valuable than credit card information because it contains highly sensitive data such as social security numbers, birth dates, addresses, credit card information, telephone numbers, Medicare numbers, and prescriptions.
March 28th, 2016
On March 21, 2016, The HHS Office for Civil Rights (“OCR”) announced that the Phase 2 of HIPAA audits are now underway. The purpose of the audits is to assess the compliance of covered entities and business associates with HIPAA Privacy, Security and Breach Notification Rules.
February 17th, 2016
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was established to set national standards for the confidentiality, security, and transmissibility of personal health information. Violations of this Act can result in substantial fines to a practice ranging from $100 to $1.5 million.
March 12th, 2015
Regardless of whether or not you are a big company or a small company, you can still be subjected to a breach. Today’s hackers are professionals. Hackers have one thing in mind, “YOU”, not you as a person, but you, who has information that will benefit only “THEM”.
Hackers are looking...
July 30th, 2014
What if one of your friends asks you questions about your current job duties, and what it is your organization does. What information would you share? Should you only be concerned with HIPAA obligations?
Safeguarding Confidential Information is not just a HIPAA Obligation
Throughout your career you may be asked questions about...
November 11th, 2013
This article was written by Karen Pass, Senior Compliance Specialist with MedSafe.
There are many important elements to implementing an effective HIPAA Program, but none are more important than completing a security risk analysis. Conducting a risk analysis will give your practice an accurate and thorough assessment of the potential risks...