The Department of Health and Human Services (HHS) Office for Civil Rights has entered into a settlement with the Excellus Health Plan, under which Excellus has agreed to pay $5.1 million and to enter into a corrective action plan. The settlement was prompted by an OCR investigation that found widespread noncompliance with provisions of the HIPAA Privacy and Security Rules. As a result of the noncompliance, the data [...]
Many businesses pride themselves on meaning what they say, and saying what they mean. Other businesses get fined by regulators. On December 16, 2020, SkyMed settled with the Federal Trade Commission (FTC) over a deceptive business practice charge, in this case a false HIPAA compliance claim. The FTC in its complaint against SkyMed - was plastering a “We are Compliant” seal on a [...]
It’s not surprising that OCR kicked off 2021 by announcing yet another right of access fine. The fourteenth fine issued under OCR’s right of access initiative was a $200,000 fine issued to Banner Health ACE. The OCR settlement agreement is discussed in detail below. Banner Health ACE OCR Settlement Agreement Banner Health affiliated covered entities (Banner Health ACE), a non-profit health system with 30 hospitals, and primary [...]
OCR HIPAA enforcement in 2020 was focused on HIPAA right of access violations with 11 fines issued in 2020 citing this type of violation. Although right of access fines will likely continue, the OCR is bound to shift its focus in the year to come. OCR HIPAA enforcement in 2021 is discussed to provide healthcare organizations with guidance on what may be to come. OCR HIPAA Enforcement in [...]
2020 has been an unenviable year of firsts and of worsts. Add to this another undesirable record-breaker. In 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights issued a record 19 fines for failure to comply with the HIPAA regulations. 11 of the fines issued were for a failure to comply with the HIPAA Privacy Rule’s right of access. The message of OCR 2020 [...]
There were a staggering number of December healthcare breaches reported on the OCR wall of shame, with 48 breaches for the month. The largest of these breaches, an email hacking incident perpetrated against MEDNAX Services, Inc., a business associate, affected more than a million patients. In all, December healthcare breaches affected 4,057,276 patients. More details are discussed below. December Healthcare Breaches: Hacking/IT Incidents It is not [...]
On January 5, 2021, President Trump signed into law legislation approved by the House Energy and Commerce Committee known as HR 7898. HR 7898, now law, requires the Department of Health and Human Services (HHS) to incentivize a covered entity’s or business associate’s cybersecurity best practices. Under this legislation, HHS, when deciding whether to issue a fine, or undertake an audit, must take into account whether [...]
ActiveCampaign is a software company that offers customers sales automation, marketing automation, and email marketing. But is ActiveCampaign HIPAA compliant? The answer is discussed below. Is ActiveCampaign HIPAA Compliant: Security Features Healthcare organizations are required to ensure that protected health information (PHI) is secure. As such, when using a software platform in conjunction with PHI, it is essential to assess their security [...]
2020 was a year like no other in many ways. While the healthcare industry was arguably the most affected by the events of 2020, the Department of Health and Human Services (HHS) saw no need to slow down its enforcement efforts. This is evident by the fact that there were more HIPAA fines issued in 2020 than any year before. To provide healthcare organizations guidance on how to [...]
2020 saw record-breaking healthcare breaches with some of the largest recorded breaches in history. Several of these breaches occurred due to healthcare hacks and ransomware incidents, leading the FBI and HHS to issue a warning in October to healthcare organizations against the persistent threat. 10 of the largest 2020 healthcare breaches are discussed below. 2020 Healthcare Breaches and Cybersecurity Incidents The majority [...]
Are you HIPAA compliant? Download our checklist to find out!
Is Your Organization HIPAA Compliant?
Use Our Software & Get The Seal of Compliance!
Use Our Software & Get The Seal of Compliance!