Gmail is arguably the most popular email platform with approximately 1.5 million users, but is Gmail HIPAA compliant? The answer is discussed below. Is Gmail HIPAA Compliant: Security Features The HIPAA Security Rule requires software used in conjunction with protected health information (PHI) to have security measures in place to ensure the confidentiality, integrity, and availability of PHI. End-to-end encryption is the best [...]
Many covered entities and business associates attempt to tackle HIPAA on their own, not realizing how many components make up an effective compliance program. The Department of Health and Human Services (HHS) does not make it easy for healthcare organizations to figure out what exactly is required of them. This is where HIPAA outsourcing comes in. HIPAA outsourcing allows healthcare organizations to become HIPAA compliant with the help [...]
With states starting to issue vaccine passports, proving that a resident has been vaccinated against COVID, many have been asking, is this a HIPAA violation? To provide guidance, vaccine passports and HIPAA implications are discussed. Do Vaccine Passports Violate HIPAA? There has been a lot of debate as to whether or not businesses would be in violation of HIPAA by requiring customers to provide proof of vaccination to [...]
GitHub is an open-source software development hosting website, with millions of developers building and maintaining their software on the platform. In December of 2020, GitHub was notified by security researchers Jelle Ursem and Dissent Doe of DataBreaches.net, that some of the data of Med-Data, Inc. (MedData), had been uploaded to GitHub. MedData provides revenue cycle management services for hospitals and health systems throughout the United States. Recently, MedData [...]
There have been several instances reported recently in which a terminated employee has violated HIPAA by accessing patient information after they have been fired. This can cause major implications for healthcare organizations, especially if the disgruntled employee exfiltrates patient data to sell on the dark web. To protect your organization from employee data theft, tips to prevent a terminated employee from violating HIPAA are discussed. [...]
The former CEO of a Texas hospice service recently pled guilty for his role in defrauding Medicare and Medicaid out of tens of millions of dollars in falsified claims. Bradley J. Harris, who ran Novus Health Services and Optim Health Services, Inc., awaits a sentencing hearing on August 3 of 2021. He faces a prison sentence of up to 14 years. The details of the Medicare and Medicaid [...]
In late March of 2021, the Department of Health and Services (HHS) Office for Civil Rights (OCR) settled with New Jersey-based Village Plastic Surgery (VPS) for a potential violation of the HIPAA right of access rule. The $30,000 settlement requires VPS to undergo a two-year corrective plan (CAP). The details of the settlement are discussed below. Village Plastic Surgery HIPAA Right of Access Rule Violation [...]
With 1.2 million patients affected by February 2021 healthcare breaches, healthcare security should be at the top of mind for organizations working with patient information. To provide guidance on protecting your organization against breaches, 12 tips to improve your healthcare security are discussed. How to Improve Healthcare Security There are 12 things that you can do today to improve your overall healthcare security, [...]
The Department of Health and Human Services’ (HHS) Office for Civil Rights recently announced its seventeenth settlement of an enforcement action under its HIPAA Right of Access Initiative. The Arbour, Inc., doing business as Arbour Hospital (Arbour), has agreed to pay $65,000 to settle a potential right of access standard violation. Arbor has also agreed to submit to a one-year corrective action plan (CAP). More details on the [...]
The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) publicly posts breaches affecting 500 or more patients to its breach portal. There were 45 incidents reported in February 2021 affecting 1,234,943 patients. 35 of these incidents targeted healthcare providers, representing 82.29% of affected patients. 5 of these incidents targeted health plans, representing 13.64% of affected patients. 5 of these incidents targeted business associates, representing [...]