Category: HIPAA
-
HIPAA Illiteracy Is Considered Willful Neglect
KNOWING YOUR OFFICE’S VULNERABILITIES IS NOT ENOUGH Unsure of your practice’s vulnerabilities? Judge Rules in Favor of OCR and Requires $4.3 Million in Penalties for HIPAA Violations OCR’s investigation found that MD Anderson had written encryption policies and risk analyses had found that the lack of device-level encryption posed a high…
-
Does Inflation Have an Impact on HIPAA Violations?
Health care providers are generally aware that non-compliance with the Health Insurance Portability and Accountability Act can be costly. In 2013, when the Department of Health and Human Services (HHS) initiated penalties pursuant to the HIPAA Final Omnibus Rule, the health care industry was abuzz about the impact that these civil monetary penalties could have…
-
-
-
You Can Avoid a HIPAA Fine. Here’s What You Need to Know.
Did you know the government has strengthened its ability to enforce HIPAA law, which now includes fines reaching up to $50,000 per violation with a maximum of $1.5 million in annual penalties? With the increasing rates of cyberattacks and patient data breaches specifically targeting the health care industry, could you afford to pay a penalty…
-
The HIPAA Horizon: What Changes Can We Look Forward to in the Near Future?
The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) oversees compliance with the Health Insurance Portability and Accountability Act (HIPAA). Specifically, this entity is charged with ensuring that HIPAA-covered entities adhere to the HIPAA Privacy, Security and Breach Notification Rules. On Jan. 30, 2017, Pres. Trump issued an order referred to…
-
Phishing Schemes Can Paralyze Your Medical Practice
“Phishing” occurs when emails are sent to individuals or entities in an attempt to fraudulently gain access to personal information or introduce malware into the computer system. These emails are often disguised to look familiar to the recipient. The perpetrator may disguise their communication to appear to be from a colleague, family member or friend.…
-
HIPAA Guidance for Mass Shootings and Other Tragic and Emergency Situations
In the aftermath of one of the deadliest school shootings in U.S. history, many health care organizations are revisiting their HIPAA policies and procedures to determine exactly what information they are allowed to share and to whom they may share information. FAMILY AND FRIENDS A health care entity may share a patient’s location, general condition…
-
Breach Notification…Who, How, When?
February is typically a very busy month for health care compliance professionals because the majority of breaches are required to be reported to the Department of Health and Human Services (HHS) within the first 60 days of the calendar year following the breach. However, the type of breach determines the applicable deadline so it is…
-
Social Media & HIPAA: When Sharing is Not Caring
Social media is an increasingly common presence within the health care industry – among providers and consumers alike – but despite the potential benefits it can offer both parties, it introduces many risks. Paging Dr. Google It’s no exaggeration to say that the internet has completely transformed the way people seek medical information, and social…