14 02, 2019

Enforcement on the Rise: 2018 HIPAA Fines Reach an All-Time High

2019-02-14T11:00:19+00:00February 14th, 2019|

2018 proved to be the strictest year for HIPAA fines in the history of enforcement, marking a new age of heightened risk for health care providers and vendors alike. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) set an all-time record in HIPAA enforcement activity in 2018. OCR levied a total of $28.7 million in settlements and judgments. This is a shocking 22% increase [...]

13 02, 2019

California HIPAA Fine Concludes All-Time Record Year for HIPAA Enforcement

2019-02-13T16:44:22+00:00February 13th, 2019|

HIPAA enforcement activity reached an all-time record in 2018, according to The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS). In 2018, OCR levied $28.7 million in HIPAA fines. This record-breaking total surpassed 2016’s $23.5 million in fines by 22%--and as if that wasn’t impressive enough, OCR also issued the single largest fine in the history of HIPAA enforcement for $16 million [...]

6 02, 2019

Social Media HIPAA Violations: When Can a Provider Disclose PHI?

2019-02-13T16:45:49+00:00February 6th, 2019|

Social media HIPAA violations are becoming a more and more common occurrence, especially in today's increasingly digital health care landscape. With news stories of social media HIPAA violations making headlines day after day, the risk to your patients' privacy and your practice's reputation can't be ignored. Let's look at a hypothetical situation that helps illustrate some HIPAA social media basics, and assess when a provider can disclose PHI. Imagine Dr. [...]

1 02, 2019

Indiana Healthcare Group Hit by Third-Party Data Breach

2019-02-13T16:48:47+00:00February 1st, 2019|

The protected health information (PHI) of more than 30,000 US patients may have been exposed in a data breach involving Managed Health Services (MHS) of Indiana. The breach occurred when unauthorized persons accessed employee email accounts at LCP Transportation, a partner of MHS, according to a recent security alert from the organization. MHS serves Indiana residents through the Hoosier Healthwise and Hoosier Care Connect Medicaid programs. The system was [...]

22 01, 2019

HHS OCR Sets Health Information Privacy as 2019 Priority

2019-02-13T16:49:54+00:00January 22nd, 2019|

Cyber-security and data privacy have become increasingly critical issues facing health care over the past few years, and it seems that HHS OCR is ready to respond. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is seeking a Deputy Director for Health Information Privacy, as per a listing posting to USAJOBS on January 14, 2019. According to the job posting, the Deputy Director "leads, [...]

16 01, 2019

How to Maintain HIPAA Compliance in Deskbound Technology

2019-01-22T14:09:59+00:00January 16th, 2019|

HIPAA compliance must be improved in the cloud but also be optimized in deskbound technology. You can take steps toward compliance through improvements of your security policies. Some changes are particularly important for HIPAA compliance. Steps that should be taken within Windows 10 settings, via Group Policy tweaks, are reviewed below. General Group Policy Tweaks to Improve Windows Security Windows Group Policy security can be utilized so that your [...]

21 11, 2018

What are the HIPAA Administrative Simplification Rules?

2019-01-07T11:02:15+00:00November 21st, 2018|

The HIPAA Administrative Simplification Rules establish national standards for electronic transactions and code sets to maintain the privacy and security of protected health information (PHI). These standards are often referred to as electronic data interchange or EDI standards. The regulations, detailed in 45 CFR 160, 45 CFR 162, and 45 CFR 164, aim to make health care systems more efficient and effective by streamlining paperwork associated with billing, [...]

8 11, 2018

Anthem Pays Record $16 MM HIPAA Fine for Largest U.S. Health Data Breach in History

2018-12-10T14:13:52+00:00November 8th, 2018|

Anthem, Inc. will pay $16 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) to settle violations of the HIPAA Privacy and Security Rules. This settlement marks the largest ever HIPAA fine, in one of the most extensive health data breaches in history. Almost 79 million patients' electronic protected health information (ePHI) was exposed in the Anthem data breach. This is the [...]

7 11, 2018

HIPAA Compliance Checklist 2019

2018-11-26T13:19:10+00:00November 7th, 2018|

Looking for a simple way to assess your HIPAA compliance? Download our new HIPAA Compliance Checklist for 2019! Compliancy Group's annual HIPAA compliance checklist gives you a robust summary of everything health care professionals, vendors, and IT service providers need to be HIPAA compliant. Download our latest HIPAA checklist now and find out where your organization stands! Click here to download the HIPAA [...]

30 10, 2018

OCR Guidance: HIPAA Physical Security Safeguards

2019-01-07T12:12:07+00:00October 30th, 2018|

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has issued a letter calling the HIPAA physical security safeguards for electronic protected health information (ePHI), an "often overlooked" element of the HIPAA Security Rule. There is a common trend among health care professionals to favor cybersecurity safeguards over HIPAA physical security measures, which is the reason behind OCR's letter. HIPAA regulation clearly outlines the [...]