Although healthcare facilities of all sizes and types are required to choose a HIPAA compliance officer to make sure that regulations are followed, some choose to blend the role with an existing one. For small to medium-sized practices, the thought of hiring a full-time HIPAA compliance officer may seem financially unfeasible. Continue reading Should Your Medical Practice Hire a HIPAA Compliance Officer?
University of Massachusetts Amherst has agreed to a $650,000 settlement with OCR to resolve HIPAA violations that led to a 2013 malware infection.
After the theft of a mobile device compromised the protected health information (PHI) of hundreds of nursing home residents, Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) must settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Continue reading Over 400 Nursing Home Residents have their PHI compromised, resulting in a Hefty Fine!
First discovered in February 2016, Crysis is multi-platform – able to permeate both Mac and Windows systems. Continue reading Ransomware: Crysis virus is able to access administrative features, allowing it to not only encrypt files
The volume of patient data handled by vendors of healthcare organizations has exploded with the near ubiquity of electronic health records systems and the growing role of analytics and mobile devices in healthcare.
Despite the requirements of HIPAA, not only do a large percentage of covered entities believe they will not be notified of security breaches or cyber attacks by their business associates, they also think it is difficult to manage security incidents involving business associates, and impossible to determine if data safeguards and security policies and procedures at their business associates are adequate to respond effectively to a data breach.
Raleigh Orthopaedic Clinic, P.A. of North Carolina (Raleigh Orthopaedic) has agreed to pay $750,000 to settle charges that it potentially violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule by handing over protected health information (PHI) for approximately 17,300 patients to a potential business partner without first executing a business associate agreement. Continue reading April 20, 2016 $750,000 settlement highlights the need for HIPAA business associate agreements
The HIPAA Omnibus Rule has implemented the HITECH Act for the most part. However, the ever-growing concern of a data crisis in the healthcare industry can’t be solved that easily. With emerging technologies (cloud computing, social media) and updates to existing ones, we are bound to face new challenges and risks over time. Continue reading Healthcare Data Crisis – What HIPAA Should Do.
There is a difference between education and training, although they are related. Education provides the knowledge of an area, whereas training provides the skills to apply it. Both are necessary and often go hand in hand. Continue reading Is all this compliance education and training really necessary?