$5.1 Million Fine Announced for HIPAA Data Breach

The Department of Health and Human Services (HHS) Office for Civil Rights has entered into a settlement with the Excellus Health Plan, under which Excellus has agreed to pay $5.1 million and to enter into a corrective action plan. The settlement was prompted by an OCR investigation that found widespread noncompliance with provisions of the HIPAA Privacy and Security Rules. As a result of the noncompliance, the data [...]

January 15th, 2021

Signed, Sealed, Delivered: SkyMed Fined for False HIPAA Compliance Claim

Many businesses pride themselves on meaning what they say, and saying what they mean. Other businesses get fined by regulators. On December 16, 2020, SkyMed settled with the Federal Trade Commission (FTC) over a deceptive business practice charge, in this case a false HIPAA compliance claim. The FTC in its complaint against SkyMed - was plastering a “We are Compliant” seal on a [...]

January 14th, 2021

First OCR Settlement Agreement of 2021 Announced

It’s not surprising that OCR kicked off 2021 by announcing yet another right of access fine. The fourteenth fine issued under OCR’s right of access initiative was a $200,000 fine issued to Banner Health ACE. The OCR settlement agreement is discussed in detail below. Banner Health ACE OCR Settlement Agreement Banner Health affiliated covered entities (Banner Health ACE), a non-profit health system with 30 hospitals, and primary [...]

January 13th, 2021

OCR HIPAA Enforcement in 2021

OCR HIPAA enforcement in 2020 was focused on HIPAA right of access violations with 11 fines issued in 2020 citing this type of violation. Although right of access fines will likely continue, the OCR is bound to shift its focus in the year to come. OCR HIPAA enforcement in 2021 is discussed to provide healthcare organizations with guidance on what may be to come. OCR HIPAA Enforcement in [...]

January 12th, 2021

2020 Right of Access Enforcement

2020 has been an unenviable year of firsts and of worsts. Add to this another undesirable record-breaker. In 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights issued a record 19 fines for failure to comply with the HIPAA regulations. 11 of the fines issued were for a failure to comply with the HIPAA Privacy Rule’s right of access. The message of OCR 2020 [...]

January 11th, 2021

4.05 Million Patients Affected by December Healthcare Breaches

There were a staggering number of December healthcare breaches reported on the OCR wall of shame, with 48 breaches for the month. The largest of these breaches, an email hacking incident perpetrated against MEDNAX Services, Inc., a business associate, affected more than a million patients. In all, December healthcare breaches affected 4,057,276 patients. More details are discussed below. December Healthcare Breaches: Hacking/IT Incidents It is not [...]

January 8th, 2021

HIPAA Cybersecurity Best Practices Incentivized in New Bill

On January 5, 2021, President Trump signed into law legislation approved by the House Energy and Commerce Committee known as HR 7898. HR 7898, now law, requires the Department of Health and Human Services (HHS) to incentivize a covered entity’s or business associate’s cybersecurity best practices. Under this legislation, HHS, when deciding whether to issue a fine, or undertake an audit, must take into account whether [...]

January 7th, 2021

Is ActiveCampaign HIPAA Compliant?

ActiveCampaign is a software company that offers customers sales automation, marketing automation, and email marketing. But is ActiveCampaign HIPAA compliant? The answer is discussed below. Is ActiveCampaign HIPAA Compliant: Security Features Healthcare organizations are required to ensure that protected health information (PHI) is secure. As such, when using a software platform in conjunction with PHI, it is essential to assess their security [...]

January 6th, 2021

HIPAA Fines 2020 Reached $13.5 Million

2020 was a year like no other in many ways. While the healthcare industry was arguably the most affected by the events of 2020, the Department of Health and Human Services (HHS) saw no need to slow down its enforcement efforts. This is evident from the fact that there were more HIPAA fines issued in 2020 than in any year before. To provide healthcare organizations guidance on how to [...]

January 5th, 2021

10 Largest 2020 Healthcare Breaches

2020 saw record-breaking healthcare breaches with some of the largest recorded breaches in history. Several of these breaches occurred due to healthcare hacks and ransomware incidents, leading the FBI and HHS to issue a warning in October to healthcare organizations against the persistent threat. 10 of the largest 2020 healthcare breaches are discussed below. 2020 Healthcare Breaches and Cybersecurity Incidents The majority [...]

January 4th, 2021