Each month, we review healthcare breaches posted on the Office for Civil Rights (OCR) online breach portal to determine the leading causes and how the incidents could have been prevented. The OCR publicly posts healthcare breaches that affected 500 or more individuals to ensure that all affected patients know their information could have been potentially compromised. At least 6,242,589 records containing patients' [...]
There was a time when getting a copy of your medical records was a hit-or-miss proposition. Depending on your health history and how your provider documented it, a complete medical file could be inches thick or just a few pages. The healthcare provider had much control over how much you would be permitted to access or if you could access it at all. [...]
Smartsheet is one of those nearly indispensable little tools that make life easier for companies trying to manage large projects involving many people, such as implementing a new Electronic Health Record system. The software allows task assignment and tracking, posting of updates, and aids collaboration and work management. Many users do agree that it’s pretty helpful, but is Smartsheet HIPAA compliant? What [...]
In 2015, legislation known as the Medicare Access and CHIP Reauthorization Act (MACRA) was enacted. Until the passage of the CURES Act in 2016, MACRA was the most significant legislative overhaul of the U.S. healthcare system since 2010’s Affordable Care Act. Under MACRA, the Centers for Medicare and Medicaid Services created regulations for healthcare providers' use of health information technology. One of these incentives is the [...]
In March 2022, President Joe Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This new law will likely trigger changes to the cybersecurity response plans of many organizations. While there is not currently a standard to enforce, healthcare providers and the companies that provide support services to them will be affected by this new law. CIRCIA Background [...]
There are a ton of eCommerce sites you can use to host your online store. You probably already know that your eCommerce store must be PCI compliant, but have you considered HIPAA? If your goods or services are intended for patients and require patient information to be input for a purchase, the eCommerce platform you use to host your store must be HIPAA compliant. What is [...]
VSee is a telehealth solution with an impressive background, including being the service used by astronauts on the International Space Station. As notable as that accomplishment is, we must ask the question, is VSee HIPAA compliant? What Makes a Software Tool HIPAA Compliant? When it comes to software, there are specific indications of the tool’s HIPAA compliance. Software HIPAA compliance really boils [...]
Establishing a healthcare cybersecurity policy is important for multiple reasons. Cybersecurity policies create standards for your staff, enabling them to keep sensitive information private. HIPAA requires healthcare organizations to have policies and procedures that limit the use and disclosure of patient information, and to ensure that it is not accessed inappropriately. How to Create Your Healthcare Data Security Policy Cybersecurity policies provide [...]
