Implementing HIPAA Technical Safeguards for Data Security

Read Elizabeth Snell explain how healthcare firms can implement HIPAA technical safeguards for data security on Health IT Security : The push for digital health records is not going to slow down anytime soon, and as recent cases of ransomware attacks show, healthcare organizations must create comprehensive data security measures. HIPAA technical safeguards are just […]

HIPAA breach fines: It’s time to rethink this mess

Read  Tom Sullivan and Jessica Davis’ article about HIPAA data breach fines on healthcare firms on Healthcare IT News : When the Department of Health and Human Services Office for Civil Rights slaps hospitals with a hefty fine for a data breach, from where does that money ultimately come? Read their full article here.

Ransomware rising, but where are all the breach reports?

Presence Health set the bar high with its $475,000 settlement with the Department of Health and Human Services’ Office of Civil Rights earlier this year. The settlement, announced January 9, 2017, is the first HIPAA monetary enforcement on a healthcare organization for untimely breach reporting, according to HHS. Read how despite rising ransomware attacks, the […]

How to achieve HIPAA compliance on AWS: A guide

Healthcare companies that are accustomed to complete control over physical systems often struggle to understand their responsibilities in a cloud environment. Who is responsible for which aspects of compliance? Can healthcare companies trust Amazon with their mission-critical apps and sensitive data? What are the rules and boundaries for AWS compliance? Read how healthcare firms can […]

Cybersecurity 2017 – The Year In Preview: HIPAA Compliance

The year ahead promises to be a busy one for those with responsibility for HIPAA compliance, as the Office of Civil Rights (OCR), charged with enforcing HIPAA, continues to lean in to compliance initiatives and addresses new questions in the rapidly-evolving healthcare information technology environment. Read how 2017 will compare with previous years in regards […]

HIPAA Data Breaches: What Covered Entities Must Know

Read Elizabeth Snell explain what covered entities should know about HIPAA data breaches on Health IT Security : As more healthcare organizations implement new technologies, connect to health information exchanges, and adopt electronic health record technology, they are potentially exposing themselves to more online threats and potential HIPAA data breaches. Read his full article here.

Guidance on Ransomware Attacks under HIPAA and State Data Breach Notification Laws

US Department of Health and Human Services (HHS) has recently issued guidance under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and recover from ransomware attacks; however, other state data breach notification laws can also be triggered by a ransomware attack. Read Amy M. Gordon, […]

U.S. Dept. of Health and Human Services Publishes New Guidance on Ransomware

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) recently issued new HIPAA guidance [PDF] regarding ransomware. “The FBI has reported an increase in ransomware attacks and media have reported a number of ransomware attacks on hospitals,” OCR director Jocelyn Samuels wrote in a blog post announcing the guidance. Read about […]

Ransomware Attacks on ePHI May Be a Data Breach Under HIPAA

On July 11, 2016, the Office of Civil Rights (“OCR”) at the Department of Health and Human Services issued new HIPAA guidance regarding the growing epidemic of malicious computer software known as “ransomware”. Read how ransomware attacks on healthcare firms may soon come under Data Breach as per new HIPAA guidelines on JD Supra.

Regulator says Ransomware Infections Likely Reportable Under HIPAA

Ransomware infections have been plaguing the healthcare field for much of the last two years, as this blog and others have reported. But amidst all the reports of hospitals hamstrung by encrypted, clinical systems, there’s been precious little talk about whether such incidents are violations of patients’ privacy under the federal HIPAA legislation. Read about […]