Category: HIPAA
-
Potential HIPAA Changes That Would Allow Healthcare Providers to Disclose PHI and Better Protect Patients
by Lindsey Phillips, Burr & Forman
On December 10, 2020, the Office for Civil Rights (“OCR”) at the United States Department of Health and Human Services (“HHS”) announced proposed changes to the regulations implementing the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The proposed changes, which are set out in the Notice of…
-
The Privacy Vulnerabilities of Zoom Software and Potential Alternatives
Over the past month, as more nationwide “Shelter at Home” orders have been issued and more companies have transitioned to telework, the need for online meetings and webinars has skyrocketed. To accommodate this new way of doing business, many have turned to a platform called Zoom. The problem? No one bothered to read the fine…
-
Phishing Emails: One Click and That’s It!
Many health care entities recognize that cybersecurity threats present a substantial risk to their organization. Moreover, the HIPAA Security Rule requires health care providers to develop and implement policies and procedures to ensure the confidentiality, integrity and availability of protected health information. However, while entities aim to secure health data, a recent study of health…
-
How Are HIPAA Breaches Impacting Alabama?
HIPAA enforcement reached an all-time high in 2018, with financial settlements ranging from $100,000 to $16,000,000. The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) is responsible for providing oversight and ensuring HIPAA compliance. Last year alone, OCR resolved a total of 25,089 complaints of HIPAA violations and required at least…
-
HHS Lowers Annual Limits of Penalties for HIPAA Violations
Published in the Federal Register on April 30, 2019, the Department of Health and Human Services (“HHS”) issued a notification to inform the public that HHS is exercising its discretion in how it applies regulations concerning the assessment of civil money penalties (“CMPs”) under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as…
-
How Can You Ensure Your Email is Safe and HIPAA Compliant?
Free email providers like Gmail, Yahoo, and MSN are expedient and easy to set up. It’s the reason why some healthcare providers rely on them. While you could stretch to make the argument that these email services can be configured to be “HIPAA capable,” none in the eyes of security experts are HIPAA compliant.…
-
Record Year for HIPAA Enforcement
In the current environment of regulation reduction, it is notable that the Department of Health and Human Services (HHS) received a record $28.6 million in publicized settlements and judgments for HIPAA violations in 2018. These numbers surpass previous years, with the closest year on record being 2016, in which HHS collected $23.5 million.…
-
Lights, Camera…HIPAA
In the age of social media and reality TV, some people document their surroundings and behaviors regularly. Many of us think nothing of pulling out our cellphones to capture moments or otherwise memorializing our lives. But HIPAA-covered entities[1] must be proactive about the use of photographic and recording devices to ensure that they are in…
-
Does Your Workforce Know Its Privacy/Security Officials? They Better.
As a health care compliance attorney for more than 12 years, I may not have seen it all, but I’ve definitely seen a lot. An unfortunate, yet common, pattern is a lack of compliance with some of the most basic state and federal regulations. There are some documents and practices that are required to be…