The Compliancy Group's HIPAA Blog

7 06, 2018

Connecticut HIPAA Lawsuit, Patients May Now Sue over HIPAA Violations

Nick Bouzas 2018-06-07T15:56:11+00:00 June 7th, 2018|

2018 marks the year that Connecticut citizens are now allowed to file HIPAA lawsuits against providers for unwarranted release of their protected health information (PHI). This ruling was issued for a case between the Avery Center for Obstetrics and Gynecology in Westport, Connecticut, and one of their patients, Emily Byrne. Byrne sued Avery Center for negligence and breach of contract after the Center sent Byrne’s medical records to the [...]

22 05, 2018

Do Email Subject Lines Need to Be HIPAA Compliant?

Compliancy Group 2018-05-22T10:27:11+00:00 May 22nd, 2018|

If you are a healthcare organization, business associate or covered entity that uses email, you know that any form of communication containing protected health information (PHI) needs to be encrypted to be HIPAA compliant. For some secure messaging solutions, that means sending an email portal to an end-recipient to access the encrypted message. Typically, the subject line will indicate that the contents inside include sensitive information as a reasonable [...]

17 05, 2018

Security and Compliance for Health IT: The Route to New Business?

Frank Sivilli 2018-05-17T10:46:53+00:00 May 17th, 2018|

Understanding security and compliance is essential for health care providers and health care IT professionals alike. Security and compliance go hand-in-hand to keep sensitive health care data safe. Managed service providers (MSPs) and IT service providers are posed particularly well to take advantage of this interrelationship and grow new business in health care. Health care is currently one of the fastest growing sectors of the US economy--and with the [...]

8 05, 2018

The CIA Triad: Confidentiality, Integrity, Availability for HIPAA

Frank Sivilli 2018-05-09T13:33:30+00:00 May 8th, 2018|

Confidentiality, integrity, and availability are essential components of any effective information security program. Sometimes referred to as the 'CIA triad,' confidentiality, integrity, and availability are guiding principles for health care organizations to tailor their compliance with the HIPAA Security Rule. HIPAA regulation sets specific guidelines for maintaining the privacy and security of protected health information (PHI). These guidelines are organized into a collection of HIPAA Rules. The HIPAA [...]

3 05, 2018

Another Criminal HIPAA Violation, Possible Jail Time

Frank Sivilli 2018-05-31T16:51:58+00:00 May 3rd, 2018|

Criminal HIPAA violations are becoming more and more commonplace--and this recent example proves that the risks may be growing. A gynecologist based out of Springfield, Massachusetts was convicted of a criminal violation of HIPAA, relating to the illegal distribution of protected health information (PHI) with pharmaceutical sales representatives. The physician received kick-backs from pharmaceuticals company, Warner Chilcott, amounting to $23,500. The physician purportedly shared confidential PHI with Warner [...]

4 04, 2018

Compliancy Group Sponsors NYU in NASA Robotics Competition

Frank Sivilli 2018-04-04T11:45:16+00:00 April 4th, 2018|

Compliancy Group is proud of our commitment to advocacy work--and this recent sponsorship continues that tradition. Compliancy Group has sponsored New York University's Tandon School of Engineering Robotic Design Team (NYU RDT) as they compete in the NASA Robotic Mining Competition 2018. The Competition takes place annually at the Kennedy Space Center in Cape Canaveral, Florida, from May 14th-May 18th, 2018. The NYU RDT is a collegiate research and [...]

8 03, 2018

How HIPAA and Marketing Intersect: Social Media, Websites, and Email Marketing

Frank Sivilli 2018-05-31T16:53:11+00:00 March 8th, 2018|

Whether you're a marketing firm looking to break into health care, or a practitioner looking to start an email marketing campaign, understanding HIPAA compliant marketing is absolutely essential to finding success in this increasingly digital age. The HIPAA Rules set specific regulatory standards that must be upheld during the marketing process. HIPAA marketing standards should form the backbone of any health care marketing effort. The reason HIPAA marketing standards [...]

17 02, 2018

Even Bankruptcy Doesn’t Save You From HIPAA Fines

Frank Sivilli 2018-06-08T12:48:12+00:00 February 17th, 2018|

The most recent HIPAA settlement out of the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) proves that care needs to be taken every step of the way to protect your business from HIPAA violation breaches and fines. The Illinois-based Filefax, Inc. was fined $100,000 to settle violations regarding improper document disposal. The fact that makes this case so different than any other HIPAA settlement [...]

13 02, 2018

Ransomware Causes Allscripts EHR Breach, HIPAA Violations

Frank Sivilli 2018-03-21T13:47:16+00:00 February 13th, 2018|

Ransomware breaches are becoming commonplace in healthcare settings, and this most recent attack is just another part of that pattern. Allscripts is an electronic health records (EHR) platform that provides services to hospitals, pharmacies, and ambulatory services across the country. In late January 2018, Allscripts was hit by a ransomware attack that shut down its Professionals EHR and Electronic Prescriptions for Controlled Substances (EPCS), among other services. Of the [...]

12 02, 2018

Blockchain Healthcare Technology: HIPAA Compliant?

Frank Sivilli 2018-04-24T16:32:58+00:00 February 12th, 2018|

With the surge of blockchain technology in healthcare and the recent rise in cryptocurrencies, questions are swarming about how else this innovative new technology can be used. Blockchain technology works by creating packets of information in the form of a "chain," linking one recipient of data to another. The data is encrypted in these packets, which can be accessed by anyone who holds a decryption key for a [...]