16 08, 2019

HIPAA Security Rule Technical Safeguards and Employee Logins

2019-08-16T08:50:24-04:00August 16th, 2019|

Under the HIPAA Security Rule, covered entities must implement security safeguards to protect the confidentiality, integrity, and availability of electronic protected health information (ePHI). ePHI is any protected health information that is created, stored, transmitted, or received in any electronic format. One type of security safeguard that must be implemented is known as a “technical safeguard.”  What are HIPAA Security Rule Technical Safeguards? HIPAA Security Rule technical safeguards are [...]

15 08, 2019

What is the “Integrity of ePHI” under the HIPAA Security Rule?

2019-08-15T11:26:54-04:00August 15th, 2019|

The HIPAA Security Rule requires that covered entities (health plans, health care clearinghouses, and health care providers who electronically transmit any health information in connection with a HIPAA-related transaction), and business associates (read more about business associates here), implement reasonable and appropriate technical safeguards. These safeguards must protect (among other things) the integrity of ePHI, electronic protected health information (ePHI). ePHI is any protected health information that is created, [...]

14 08, 2019

Employee of DBHIDS Loses Unencrypted Laptop Resulting in HIPAA Breach

2019-08-14T08:41:18-04:00August 14th, 2019|

An employee of Philadelphia’s Department of Behavioral Health and Intellectual disability Services (DBHIDS) lost an unencrypted laptop on public transportation. The laptop contained the personal health information (PHI) of 1,500 individuals. DBHIDS informed affected individuals on the same day that the HIPAA breach was discovered.  David T. Jones, Commissioner of the Department of Behavioral Health and Intellectual disAbility Services, stated, “Once we learned about the lost laptop within our [...]

13 08, 2019

HIPAA Breaches Rising

2019-08-13T08:48:56-04:00August 13th, 2019|

HIPAA breaches have increased exponentially as health information is extremely valuable on the black market. It seems like there is a new data breach in the news every day, a large portion of these breaches are a result of phishing incidents. Phishing incidents occur when a hacker sends a malicious link, usually via email, to one or more employee(s), misrepresenting their identity. In a recent phishing attack, hackers accessed [...]

12 08, 2019

HIPAA Subpoena Compliance

2019-08-12T11:10:26-04:00August 12th, 2019|

As part of the discovery or disclosure process, parties to a lawsuit often issue a subpoena to a medical provider for patient medical records. Federal law imposes HIPAA subpoena compliance requirements on the provider. These requirements can be found in the HIPAA Privacy Rule. The Privacy Rule regulates the use and disclosure of personal health information (PHI). PHI is health information in any form, including physical records, electronic [...]

9 08, 2019

The Hidden Costs of a Data Breach

2019-08-12T10:59:44-04:00August 9th, 2019|

Data breaches can cost more than an organization would think. IBM Security’s annual study analyzed data breaches and the financial impact associated with them. It was found that, on average, a data breach costs an organization $3.92 million. That’s an increase of 12% as compared to the last 5 years. There are many costs associated with a data breach that can cost an organization money over the span of [...]

8 08, 2019

5 Facts about MSPs and HIPAA Compliance

2019-08-08T17:10:01-04:00August 8th, 2019|

According to the Datto Report from 2018, healthcare is the #1 vertical for MSPs. In a recent study, only 1 out of 11 MSPs who work in the healthcare sector are requesting information on HIPAA compliance. Any MSP who has healthcare clients must be HIPAA compliant. In a recent study, 27% of MSPs who are working with healthcare clients are addressing their HIPAA compliance on their own. It is [...]

8 08, 2019

Cryptomining Malware Can Affect HIPAA Obligations

2019-08-08T10:18:52-04:00August 8th, 2019|

The well-established security firm Check Point recently ranked cryptomining as the leading cyber threat in healthcare - ahead of ransomware. Cryptomining malware, also known as cryptocurrency mining malware, refers to software programs and malware components developed to take over a computer's resources and use them for cryptocurrency mining, without a user's authorization. This hijacking of computer resources can result in shutdown and even total systems failure.  Cryptomining is not [...]

7 08, 2019

183,000 Patients Affected in the Latest String of Healthcare Cyber Attacks

2019-08-07T09:31:40-04:00August 7th, 2019|

Presbyterian Healthcare Services is the latest victim of phishing attacks in the healthcare industry. A phishing attack is when unauthorized access to an organization's network is gained by targeting employees’ email accounts. Hackers disguise themselves as a trusted individual and send a malicious link, usually through email, that allows them access to the employees’ email accounts. They may send the link to several employees within an organization, or target [...]

6 08, 2019

MACRA MIPS 2019 Security Risk Analysis Requirements

2019-08-06T10:24:03-04:00August 6th, 2019|

With the MACRA MIPS 2019 deadline approaching, healthcare organizations must be aware of what is required of them to receive their reimbursements. Healthcare organizations seeking MACRA MIPS payment must complete a security risk analysis (SRA) before the December deadline.  How to Satisfy the MACRA MIPS Requirement A security risk analysis must be conducted annually to ensure that protected health information (PHI) is adequately safeguarded; this is required of all [...]