Category: HIPAA
-
Training, Training, Training—The First Line of Defense When it Comes to HIPAA Compliance
By: Kelli Carpenter Fleming with Burr Forman
When it comes to HIPAA compliance efforts, the first line of defense in ensuring that protected health information is secured appropriately and compliantly is training your practice’s employees. More often than not, when an inappropriate use or disclosure of protected health information occurs, it is because an employee…
-
Potential HIPAA Changes That Would Allow Healthcare Providers to Disclose PHI and Better Protect Patients
By: Lindsey Phillips, Burr & Forman
On December 10, 2020, the Office for Civil Rights (“OCR”) at the United States Department of Health and Human Services (“HHS”) announced proposed changes to the regulations implementing the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The proposed changes, which are set out in the Notice of…
-
The Privacy Vulnerabilities of Zoom Software and Potential Alternatives
Over the past month, as more nationwide “Shelter at Home” orders have been issued and more companies have transitioned to telework, the need for online meetings and webinars has skyrocketed. To accommodate this new way of doing business, many have turned to a platform called Zoom. The problem? No one bothered to read the fine…
-
Phishing Emails: One Click and That’s It!
Many health care entities recognize that cybersecurity threats present a substantial risk to their organization. Moreover, the HIPAA Security Rule requires health care providers to develop and implement policies and procedures to ensure the confidentiality, integrity and availability of protected health information. However, while entities aim to secure health data, a recent study of health…
-
What Are the Top Three Concerns When Negotiating Business Associate Agreements?
Business Associate Agreements (“BAAs”) are a necessary tool for ensuring HIPAA compliance, and the negotiated terms of BAAs are becoming more and more important as we venture into an era of mass cyber attacks and related HIPAA breaches. Covered entities, such as physician practices, are required to enter into a BAA anytime they hire a…
-
How Are HIPAA Breaches Impacting Alabama?
HIPAA enforcement reached an all-time high in 2018, with financial settlements ranging from $100,000 to $16,000,000. The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) is responsible for providing oversight and ensuring HIPAA compliance. Last year alone, OCR resolved a total of 25,089 complaints of HIPAA violations and required at least…
-
HHS Lowers Annual Limits of Penalties for HIPAA Violations
Published in the Federal Register on April 30, 2019, the Department of Health and Human Services (“HHS”) issued a notification to inform the public that HHS is exercising its discretion in how it applies regulations concerning the assessment of civil money penalties (“CMPs”) under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as…
-
How Can You Ensure Your Email is Safe and HIPAA Compliant?
Free email providers like Gmail, Yahoo, and MSN are expedient and easy to set up. It’s the reason why some healthcare providers rely on them. While you could stretch to make the argument that these email services can be configured to be “HIPAA capable,” none, in the eyes of security experts, are HIPAA compliant.…
-
Think Your Practice Management Software Makes You HIPAA Compliant?
Complying with HIPAA security standards is a complex matter that demands a comprehensive solution. As a busy healthcare provider, it’s easy and convenient to trust that your practice management software satisfies the necessary HIPAA requirements to keep your electronic medical records safe. But the truth is, in most cases, it doesn’t. A False Sense of…