21 11, 2018

What are the HIPAA Administrative Simplification Rules?

2018-12-03T12:36:23+00:00November 21st, 2018|

The HIPAA Administrative Simplification Rules establish national standards for electronic transactions and code sets to maintain the privacy and security of protected health information (PHI). These standards are often referred to as electronic data interchange or EDI standards. The regulations, detailed in 45 CFR 160, 45 CFR 162, and 45 CFR 164, aim to make health care systems more efficient and effective by streamlining paperwork associated with billing, [...]

8 11, 2018

Anthem Pays Record $16 MM HIPAA Fine for Largest U.S. Health Data Breach in History

2018-12-10T14:13:52+00:00November 8th, 2018|

Anthem, Inc. will pay $16 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) to settle violations of the HIPAA Privacy and Security Rules. This settlement marks the largest ever HIPAA fine, in one of the most extensive health data breaches in history. Almost 79 million patients' electronic protected health information (ePHI) was exposed in the Anthem data breach. This is the [...]

7 11, 2018

HIPAA Compliance Checklist 2019

2018-11-26T13:19:10+00:00November 7th, 2018|

Looking for a simple way to assess your HIPAA compliance? Download our new HIPAA Compliance Checklist for 2019! Compliancy Group's annual HIPAA compliance checklist gives you a robust summary of everything health care professionals, vendors, and IT service providers need to be HIPAA compliant. Download our latest HIPAA checklist now and find out where your organization stands! Click here to download the HIPAA [...]

30 10, 2018

OCR Guidance: HIPAA Physical Security Safeguards

2018-10-30T16:20:12+00:00October 30th, 2018|

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has issued a letter calling the HIPAA physical security safeguards for electronic protected health information (ePHI), an "often overlooked" element of the HIPAA Security Rule. There is a common trend among health care professionals to favor cybersecurity safeguards over HIPAA physical security measures, which is the reason behind OCR's letter. HIPAA regulation clearly outlines the [...]

18 10, 2018

UMass to Pay $230,000 in Attorney General HIPAA Fines

2018-10-18T12:21:53+00:00October 18th, 2018|

Another Attorney General HIPAA fine has been levied, this time for data breaches that have left thousands of Massachusetts residents' personal data exposed. UMass Memorial Medical Group Inc. and UMass Memorial Medical Center Inc. will pay a total of $230,000 to the state of Massachusetts to resolve claims that two separate healthcare data breaches exposed the protected health information (PHI) of more than 15,000 Massachusetts residents. According to [...]

21 09, 2018

$1 Million Boston HIPAA Fine Levied for Illegally Filming Patients

2018-09-21T15:50:20+00:00September 21st, 2018|

Close to $1 million in HIPAA fines have been levied against three Boston-area hospitals for serious HIPAA violations after illegally filming patients for a local TV series. The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has issued HIPAA settlements to three different hospitals for HIPAA violations stemming from the filming of a TV series on their premises. ABC's "Boston Med" was filmed at [...]

9 08, 2018

1.4 Million Patient Records Breached in Phishing Attack

2018-08-27T14:39:40+00:00August 9th, 2018|

The largest data breach of 2018 (so far) has been claimed by a Midwestern health network. UnityPoint Health (UPH) has reported its second data breach of 2018, this time affecting 1.4 million patient records. On July 30, 2018, UnityPoint Health reported that the protected health information (PHI) of 1.4 million patients was compromised after a recent phishing attack infiltrated their email servers. The exposed PHI included patient info [...]

3 08, 2018

Average HIPAA Fine is Now $1.5 Million

2018-09-17T16:36:20+00:00August 3rd, 2018|

With so many HIPAA fines making headlines over the 20+ years since HIPAA regulation was first enacted, it's hard to keep track of some of the more significant fines and figures. Even though there have been landmark fines for HIPAA compliance--especially over the past four years--the fact of the matter remains that there are standard trends to HIPAA enforcement that all health care professionals should be aware of. When [...]

10 07, 2018

Medical Center Employee Indicted on Criminal HIPAA Violations

2018-09-10T14:46:18+00:00July 10th, 2018|

A former University of Pittsburgh Medical Center (UPMC) employee was indicted by a federal grand jury for criminal HIPAA violations. The Pittsburgh federal grand jury charged the former patient information coordinator with six counts of wrongfully obtaining and disclosing protected health information (PHI). HIPAA regulation defines PHI as any demographic information that can be used to identify a patient. The UPMC employee used her position to illegally obtain [...]

27 06, 2018

Cancer Center Hit with $4.3 Million Texas HIPAA Fine

2018-09-17T16:31:11+00:00June 27th, 2018|

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that The University of Texas MD Anderson Cancer Center (MD Anderson) issued a $4.3 million Texas HIPAA violation fine for three different security breaches that occurred between 2012 and 2013. In an uncharacteristic enforcement action, the case was put before the HHS Administrative Law Judge (ALJ). The ALJ ruled in favor of OCR, stating that [...]