May 16th, 2018
Nearly 4 out of 5 healthcare providers use a mobile device for professional purposes. These numbers continue to rise as healthcare organizations place an increased focus on efficiency and productivity. (1) Although mobile devices are incredibly efficient and convenient, they also harbor measurable risks for data breach and the exposure of protected health information (PHI).
May 3rd, 2018
The mobile technology revolution has impacted nearly every industry across the globe, with healthcare being no exception. Hospitals, clinics, and providers have all quickly embraced the use of smartphones and other mobile devices along with the convenience of accessing important medical information quickly.
February 14th, 2018
Another strain of ransomware has wreaked its havoc on the healthcare industry. This time its victims include over 45,000 medical practices and 180,000 physicians that are clients of Allscripts Healthcare Solutions, Inc. Allscripts is a publicly traded American company that provides physician practices, hospitals, and other healthcare providers with practice management and electronic health record technology.
November 29th, 2017
Data breaches and ransomware attacks are among some of the top challenges that healthcare organizations face today. These issues can lead to extensive damage affecting entire organizations. Whether it is the breach of a patient’s privacy or the disruption of operations across an entire system, just one negative event has the potential to destroy a hospital’s reputation.
August 31st, 2017
A failure to understand HIPAA requirements can be a very costly mistake, as CardioNet learned just a couple months ago. In April, the wireless health services provider agreed to a settlement of $2.5 million for a potential noncompliance with the HIPAA Privacy and Security Rules. (1) The violation occurred when a company laptop containing the ePHI of 1,391 individuals was stolen from an employee’s vehicle parked outside their home.
June 20th, 2017
Recently the world’s largest cyber-attack unleashed its havoc across 150 countries crippling more than 300,000 victims and hundreds of organizations worldwide. Hospitals, universities, government offices, and large business were among those affected, including sixteen NHS hospitals in the UK. Many of them had to cancel surgeries, appointments, and send patients elsewhere due to the fallout.
May 24th, 2017
Healthcare data breaches are costing the U.S. healthcare industry nearly $6.2 billion each year. (2) In fact, healthcare has the highest cost per breached record of any other industry. Why?
April 17th, 2017
Last month, Memorial Healthcare System (MHS) agreed to implement a comprehensive corrective action plan and pay a 5.5-million-dollar settlement for the breach of protected health information (PHI) that affected over 100,000 individuals. This is the second largest fine against a covered entity to date, sending a strong message that audit controls will be a key focus for the future. (1)
April 3rd, 2017
In August, Advocate Health Care Network agreed to pay a $5.55 million settlement with the U.S. Department of Health and Human Services Office for Civil Rights (OCR), for multiple HIPAA violations. In addition, HHS also recently announced a $650,000 resolution settlement against the Catholic Health Care Services of the Archdiocese of Philadelphia.
November 15th, 2016
In August, Advocate Health Care Network agreed to pay a $5.55 million settlement with the U.S. Department of Health and Human Services Office for Civil Rights (OCR), for multiple HIPAA violations. In addition, HHS also recently announced a $650,000 resolution settlement against the Catholic Health Care Services of the Archdiocese of Philadelphia.
October 24th, 2016
What is a Business Associate?
Business associates are considered any third-party contractor that performs work or activities on behalf of a healthcare organization or covered entity that involve the use or disclosure of protected health information (1).
October 11th, 2016
In June, the victims of the horrific Orlando shooting at Pulse Nightclub were also victims of a privacy breach when their personal health information was accessed without authorization by a few curious employees at Orlando Health Hospital. The hospital confirmed that employees have previously received HIPAA training on patient privacy. However, they are now retraining staff and increasing auditing and monitoring of patient records in response to the breach. Experts say the hospital could be responsible for penalties up to $100,000 depending on the severity. A high price for personal curiosity.
September 27th, 2016
Section 1557 is the non-discrimination provision of the Affordable Care Act (ACA) that protects individuals from discrimination in health care based on race, color, national origin, age, disability, and sex; including discrimination based on pregnancy, gender identity and sex stereotyping.
July 22nd, 2016
In 2015, Ransomware cost the US Healthcare industry nearly 6 billion dollars. Even more concerning is that there has been a 300% increase in ransomware attacks in 2016, according to a recent report from the U.S. Government.
June 15th, 2016
Most medical practices, healthcare organizations, and clinicians are very familiar with HIPAA rules and regulation. However, the law can be extensively complicated and is often a source of confusion and misinterpretation. According to the Office for Civil Rights (OCR), one of the most common complaints and frequently misunderstood parts of the law involves a patient’s right to access their personal medical records.
May 17th, 2016
Cyber criminals and hackers are targeting the healthcare industry at staggering rates, and huge profits are being made on the black market from patient’s PHI (personal healthcare information). PHI is said to be ten times more valuable than credit card information because it contains highly sensitive data such as social security numbers, birth dates, addresses, credit card information, telephone numbers, Medicare numbers, and prescriptions.
March 28th, 2016
On March 21, 2016, The HHS Office for Civil Rights (“OCR”) announced that the Phase 2 of HIPAA audits are now underway. The purpose of the audits is to assess the compliance of covered entities and business associates with HIPAA Privacy, Security and Breach Notification Rules.
February 17th, 2016
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was established to set national standards for the confidentiality, security, and transmissibility of personal health information. Violations of this Act can result in substantial fines to a practice ranging from $100 to $1.5 million.
March 12th, 2015
Regardless of whether or not you are a big company or a small company, you can still be subjected to a breach. Today’s hackers are professionals. Hackers have one thing in mind, “YOU”, not you as a person, but you, who has information that will benefit only “THEM”.
Hackers are looking...
July 30th, 2014
What if one of your friends asks you questions about your current job duties, and what it is your organization does. What information would you share? Should you only be concerned with HIPAA obligations?
Safeguarding Confidential Information is not just a HIPAA Obligation
Throughout your career you may be asked questions about...