The HIPAA Privacy Rule and Facility Directories

The HIPAA Privacy Rule generally permits hospitals and other healthcare facilities to maintain facility directories that provide certain basic information about patients within the facilities. The HIPAA Privacy Rule and facility directories is discussed below. What are Facility Directories? Under the HIPAA Privacy Rule, covered entities, including hospitals and other covered health care providers, may use the following protected health information (PHI) in facility directories: A patient’s name; A [...]

2020-05-15T09:13:01-04:00May 15th, 2020|

Healthcare Cybersecurity: Why Healthcare is Vulnerable 

In the past two years email fraud in healthcare has increased by 473%. Most cyberattacks are the result of phishing attacks. A phishing attack occurs when a hacker enters a network through an employee's email account, often accomplished when an employee opens a malicious link. Once in a network, hackers can steal or corrupt files, making them unreadable. In healthcare, this kind of attack can be detrimental to your [...]

2020-05-14T11:31:18-04:00May 14th, 2020|

Business Email Compromise Scammers Target COVID-19 Researchers

Business email compromise (BEC) – also known as CEO impersonation – is a favorite crime of Internet con artists because the practice relies on what any con operation requires for success: deception. These criminals target employees with access to company cash. Scammers identify which individuals have this access, and the names of the CEOs for whom they work, the scammer then sends the individuals a seemingly legitimate email requesting [...]

2020-05-13T09:47:48-04:00May 13th, 2020|

4 Tips: HIPAA Compliance for Small Practices

Healthcare organizations of all sizes must comply with the standards set forth by HIPAA. Although HIPAA mandates the same regulations for different sized healthcare organizations, the implementation of how the requirements are applied differ. HIPAA compliance for small practices is discussed below. Do you have an effective HIPAA compliance program? Find out now by completing the HIPAA compliance checklist. HIPAA Compliance for Small Practices When determining what HIPAA safeguards [...]

2020-05-12T09:10:49-04:00May 12th, 2020|

LabCorp Data Breaches Lead to Cybersecurity Lawsuit

LabCorp, a leading healthcare diagnostics company that offers laboratory and genetics testing services, has been sued by one of its shareholders to recover share value losses caused by two data breaches suffered by LabCorp within the last twelve months. In this cybersecurity lawsuit, the shareholder, Raymond Eugenio, seeks money damages as well as public acknowledgment by LabCorp that the second of the two breaches took place. What Does the [...]

2020-05-11T09:33:50-04:00May 11th, 2020|

Study Shows Improvement in HIPAA Right of Access Compliance

The HIPAA Privacy Rule’s “Right of Access” provision requires providers to make patient medical records available for viewing, inspecting, and copying. In early 2019, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) launched a HIPAA Right of Access enforcement initiative.  A recent study by citizen.com revealed that since the initiative was launched, provider Right of Access compliance has increased.   How Did the Study Measure [...]

2020-05-08T12:14:50-04:00May 8th, 2020|

HIPAA Media Access: Film Crews in Healthcare Facilities

The Department of Health and Human Services (HHS)’ Office for Civil Rights (OCR) has issued several Notices of Enforcement Discretion during the COVID-19 pandemic. As such, OCR will not be imposing sanctions on covered entities for good-faith violations of certain rules. OCR will continue to impose sanctions for other violations. One violation for which OCR will continue to apply sanctions is the violation of the HIPAA Media Access rule. [...]

2020-05-07T09:18:13-04:00May 7th, 2020|

National Security Agency Issues Cybersecurity Guidance for Teleworkers

The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence. Recently, the NSA issued cybersecurity guidance for teleworkers to help improve security for remote work. The cybersecurity guidance is relevant to healthcare workers who provide telehealth services from their home computers and smartphones. Is your organization secure? Download the free cybersecurity eBook to [...]

2020-05-26T13:38:06-04:00May 6th, 2020|

A String of Healthcare Ransomware Attacks Affect Thousands

Several healthcare ransomware attacks have occurred over the past few months. Healthcare ransomware attacks occur when hackers access a healthcare organization’s patient data, demanding a sum of money for its return. The malicious encrypting of files leaves many organizations crippled in the months following an attack. Healthcare Ransomware Attacks: Parkview Medical Center April 21, 2020, Parkview Medical Center suffered a ransomware attack, targeting their electronic medical record (EMR) system. [...]

2020-05-05T12:45:34-04:00May 5th, 2020|

Replace HIPAA With New Federal Privacy Laws? ITIF Says Yes

The Information Technology and Innovation Fund (ITIF), a prominent independent, nonpartisan think tank, has recommended a repeal of a number of U.S. privacy regulations, including HIPAA. ITIF has recommended that HIPAA, which it views as part of an ineffective patchwork of U.S. privacy regulations, should be replaced with new federal privacy laws. What New Federal Privacy Laws Does ITIF Recommend? ITIF has called for a series of changes to [...]

2020-05-07T09:32:38-04:00May 4th, 2020|