Compliance and Regulations
Stay up to date with updates to data protection regulations and the evolution of industry compliance standards. Learn about HIPAA, GDPR and data protection laws, compliance requirements specific to your industry, and stay up to date on legal developments affecting security practices. Stay informed on notable data breaches and related security incidents.
HIPAA Alliance Market Equals Healthcare Companies With HIPAA-Compliant Trade
A new platform which simplifies the procedure of searching for HIPAA-compliant business associates has been launched this week. The HIPAA Alliance Market has been developed to match up HIPAA covered objects with reliable dealers that … Read more
Iliana Peters Now Acting Deputy at the OCR
OCR’s Iliana Peters has stepped in to replace Deven McGraw, Deputy Director for Health Information Privacy at the Department of Health and Human Services’ Office for Civil Rights (OCR), in an interim role. Peters will … Read more
HIPAA Laws
The HIPAA laws – sometimes known as the HIPAA Rules or the HIPAA regulations – are the standards contained within the Administrative Simplification provisions of the Healthcare Insurance Portability and Accountability Act 1996. These standards … Read more
HIPAA Alliance Marketplace Matches Healthcare Organizations With HIPAA-Compliant Business
This week has seen the launch of a new platform that streamlines the process of searching for HIPAA-compliant business associates. The HIPAA Alliance Marketplace has been developed to match HIPAA covered entities with trusted vendors … Read more
HIPAA Compliant Business Associates Easier to Locate with New Tool
The challenge of finding HIPAA compliant business associates has been addressed with the introduction of a new tool to simplify this task. Healthcare organizations are only allowed to use business associates that comply with HIPAA Rules … Read more
Improperly Configured Cloud Services in Over Half of Businesses
The healthcare sector has made great waves recently in embracing cloud-based technology. Most healthcare groups are now implementing secure cloud storage services to host web applications or store data which contains electronic protected health information … Read more
Almost 500K Records Exposed in September Healthcare Data Breaches
The Breach Barometer report for September has been released and shows there was a significant increase in healthcare data breaches during that month. The report collates healthcare data violations reported to the Department of … Read more
HIPAA Compliance and Skype: What You Need to Know
Skype and other text messaging platforms are a useful way of broadcasting information, but there are some questions to be answered in relation to HIPAA compliance of the service. There has recently been a lot … Read more
Proposed Rule for Certification of Compliance for Health Plans Withdrawn by HHS
The Department of Health and Human Services, at the start of 2014, completed a proposal for introducing a new rule to bring in an official certification of compliance for health plans. The proposed rule would … Read more
Redlock Report: Cloud Storage Services are Misconfigured in over Half of Businesses
According to a recent study by cloud threat defense firm RedLock, more than half of businesses have made mistakes that have exposed sensitive data in the cloud. The report reveals that as much as 53% of organizations … Read more
Should Identity Theft Protection Services Be Offered to Data Breach Victims Under HIPAA?
The HIPAA Breach Notification Rule stated that covered bodies must advise people once their ePHI has been compromised. It is less clear if it is a requirement that credit monitoring and identity theft protection services should be … Read more
GDPR Leads Lloyds to Alter Marketing Campaigns
Lloyds Banking Group has taken steps to introduce new marketing campaigns due to the coming introduction of the European Union’s GDPR legislation, a new set of guidelines on data privacy and security. Lloyds is moving from … Read more
OCR Issue Clarification on HIPAA Disclosure Rules
The Department of Health and Human Services’ Office for Civil Rights (OCR) has, following the recent attacks in Las Vegas, moved to issue a clarification on HIPAA Rules regarding disclosures to family, friends and other … Read more
Data Breach at Med Center Health affects almost 160,000 of its Patients
The FBI has been investigating a large Med Center Health data breach that affects many affiliates and approximately 160,000 patients. Hackers are not believed to be responsible for the Med Center Health data breach, in … Read more
February Sees Dramatic Rise in Insider Healthcare Data Breaches
In its most recent healthcare data breach report, Protenus has indicated that the month of February witnessed a significant increase in insider healthcare data breaches. The February Breach Barometer report shows that there were 31 … Read more
Highmark BCBS of Delaware Probes Data Break Impacting 19K People
Highmark BlueCross BlueShield of Delaware is probing a data break which has affected 19,000 payees of employer-paid health policies. The data break affects 2 contractors of Highmark BCBS – BCS Financial Corporation and Summit Reinsurance … Read more
$475K Settlement for Late HIPAA Break Notice
The Division of Health and Human Services’ OCR has publicized the 1st HIPAA payment of current year. This is additionally the 1st settlement so far exclusively based on a needless delay to break notice after … Read more
UMass to Pay the Office for Civil Rights $650K to Settle HIPAA Breaches
The Division of Health and Human Services’ OCR has consented to a $650K agreement with University of Massachusetts Amherst (UMass). The agreement resolves HIPAA breaches that led to UMass suffering a malware infection in 2013. … Read more
St. Joseph Health to make Payment of OCR $2.14 Million to Resolve HIPAA Case
The Division of Health and Human Services’ OCR has declared it has decided to resolve possible breaches of the HIPAA Security and Privacy Laws with St. Joseph Health (SJH). St. Joseph Health has to pay … Read more
Assistance on HIPAA as well as Cloud Computing Released by HHS
The Division of Health and Human Services has issued revised advice on cloud computing and HIPAA to assist protected bodies to take benefit of the cloud devoid of endangering a HIPAA breach. The key emphasis … Read more
$400K HIPAA Payment for BAA Failures
The Section of Human and Health Services’ OCR has stated it has concluded an agreement with Care New England Health System (CNE) to settle suspected breaches of the HIPAA. CNE should reimburse a financial fine … Read more
Revised Safety Risk Evaluation Device Announced by ONC
OCR has a preference to resolve HIPAA conformity problems through voluntary conformity as well as non-punitive ways, even though financial fines are these days becoming more usual. If OCR detectives discover HIPAA breaches, financial fines … Read more
Biggest Ever HIPAA Agreement: Advocate Health to Reimburse OCR $5.5 Million
Previous month, the Department of Health and Human Services’ OCR publicized 2 huge agreements with protected entities to settle suspected HIPAA breaches. Nevertheless, even the $2.7 million, as well as, $2.75 million settlements at UMMC and … Read more
2.75 Million Dollar HIPAA Agreement Achieved with UMMC
Immediately after the 2.7 million HIPAA break agreement with OHSU comes news of one more multi-million-dollar agreement with one more university. The Division of Health and Human Services’ OCR declared four days ago that University … Read more
Oregon Health & Science Varsity to Pay The Office for Civil Rights $2.7 Million for 2013 Data Breaks
Oregon Health & Science University (OHSU) has consented to resolve a lawsuit with the Division of Health and Human Services’ OCR originating from 2 data breaks suffered in 2013. A fine of $2.7 million will … Read more
Philadelphia BA Agrees to $650K OCR Payment
The Division of Health and Human Services’ OCR issued particulars of a settlement which was concluded with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) on June 24, 2016. CHCS has approved to … Read more
$1.55 Million HIPAA Agreement for Want of BAA as well as Risk Study Failures
The Division of Health and Human Services’ OCR has declared it has achieved an agreement with North Memorial Health Care of Minnesota on suspected HIPAA breaches from a 2011 data break. North Memorial has consented to … Read more
HIPAA Business Associate Informs 31K Record Data Violation
Omaha-based Seim Johnson, a commercial partner of several healthcare providers in Nebraska and outside, has declared that one of its laptops was thieved in Nashville, Tennessee, revealing almost 31,000 healthcare patient files. The laptop had … Read more
Apple Health HIPAA Violation Affects 91K Medicaid Receivers
As per a statement released by Steve Dotson, HCA risk manager, a Washington State Health Care Authority (HCA) worker has breached the safeguarded health info of 91,000 Apple Health Medicaid package customers over a duration … Read more
Two Employees Sacked for Jason Pierre-Paul HIPAA Violation
Earlier in July 2015, Jason Pierre-Paul, a New York Giants football team member, paid a visit to Jackson Memorial Hospital of Miami for medication following a fireworks mishap. News reports appeared soon after verifying Pierre-Paul had … Read more
Borgess Rheumatology Notifies 700 Patients of Mailing Mistake
Borgess Rheumatology has announced that 700 of its patients have been affected by a mailing mistake which happened on December 9, 2015 and revealed their PHI. Although no Social Security numbers or other extremely confidential … Read more
Lincare Inc to Disburse $239,800 CMP for HIPAA Infringement
For just the second time in its history, OCR has instructed a HIPAA-covered body to disburse civil fiscal fines for HIPAA infringements. Lincare Inc. is required to pay $239,800 for breaches of the HIPAA Secrecy … Read more
Survey Shows Law Companies are not Complying with HIPAA Regulations
The Health Insurance Portability and Accountability Act (HIPAA) deals with health insurers, healthcare providers, and healthcare clearinghouses, and all covered entities are required to comply with HIPAA Privacy, Security, and Infringement Announcement Laws. HIPAA additionally … Read more
Snapchat Video Post Results in Nursing Assistant Sacking
A nursing helper from the Parkside Manor assisted-living service in Kenosha, WI, has been sacked for showing a video of a nearly nude 93-year-old Alzheimer’s patient as well as distributing the file on Snapchat. In … Read more
ONC Publicizes Final 10-Year Interoperability Program
On Tuesday, the Office of the National Coordinator for Health IT announced the long-anticipated final 10-Year Interoperability Program. After the announcement of the draft form of the program in January 2015, the Office of the … Read more
Existing Risk of Scam from 2012 Philadelphia Ambulance HIPAA Break
This week the Philadelphia Fire Department informed a data break involving 750 people who had utilized the ambulance facility in 2012. Three years before a worker of Intermedix, the company accustomed to managing the Fire … Read more
Indiana Attorney General Announces $12,000 HIPAA Penalty for Discarded PHI
The Indiana Attorney General’s Office has announced its first penalty for Health Insurance Portability and Accountability Act violations pursuant to part 13410(e) of the HITECH Act. The penalty of $12,000 was imposed on ex Kokomo … Read more
Business Associates Constitute 40 Percent of HIPAA Breaks
In the 1st quarter of 2013, 40 percent of all HIPAA breaks involving the revelation of PHI that affected over 500 people were the consequence of the acts of BAs of HIPAA–protected entities. The problem … Read more
Highmark Branch Visionworks Struck by 75K HIPAA Break
Highmark Inc., the Pennsylvania-based health insurance business, has declared today that Visionworks, one of its branches, has misplaced a computer server having the medical files of roughly 75,000 patients. The medicinal information saved on the … Read more
Boston Business Associate Sacked Over 15K HIPAA Violation
MDF Transcription Services, a Business Partner of Boston Medical Center, has been sacked after a HIPAA breach that revealed the secret data of roughly 15,000 people when their information was publicized on an unsafe transcription … Read more
HIPAA Violations Cost Healthcare Industry $5.6 Billion a Year
A latest statement from the Ponemon Institute has emphasized the gravity of the danger from cyber-attacks and must serve as a notice to healthcare providers that they should improve data safety. The cost to the industry is … Read more
Idaho State University Instructed to Pay $400K Settlement for HIPAA Violation
Disobeying HIPAA rules can incur severe fines, as found by Idaho State University this month. The organization has lately been compelled to settle with the Division of Health and Human Services’ Office of Civil … Read more
Texas Lady Pleads Guilty to HIPAA Breaches
U.S. Lawyer John M. Bales has declared that Joneshia Cranford, a 33-year-old inhabitant of Lufkin in the Eastern Region of Texas, has pleaded guilty to breaches of the Health Information Portability and Accountability Law … Read more
Alaska DHSS Arrives at $1.7M Agreement with OCR for HIPAA Safety Rule Breaches
The thievery of a moveable hard drive from a worker of the Alaska Department of Health and Social Services (DHSS) possibly revealed the ePHI of about 2,000 persons. After an inquiry by the HHS Office … Read more
Online Patient Calendars Bring about $100K HIPAA Violation
Prior to displaying Safeguarded Health Info on any website, it’s necessary that the method is evaluated for safety dangers. If a website is maintained or owned by a 3rd party or a cloud service is … Read more
Negligence in Business Associate Security Results in 20K Patient HIPAA Infringement
As per a New York Times story circulated this week, the health reports of 20,000 patients of Stanford University Hospital in Palo Alto, Calif., have been announced online and available to the public for nearly a year … Read more