HIPAA Compliant Video Conferencing: What to Look For

As we enter our fourth month of the COVID-19 crisis, the use of video conferencing tools continues to grow. However, the security of these tools have been under scrutiny, particularly for  use in the healthcare field. To help providers choose the right video conferencing tool, HIPAA compliant video conferencing is discussed below. Is your organization secure?  Find out now with our HIPAA compliance checklist. Choosing a HIPAA Compliant Video [...]

2020-07-29T09:21:26-04:00July 29th, 2020|

$1,040,000 OCR Settlement Reached for Stolen Unencrypted Laptop

Lifespan Affiliated Covered Entity (“Lifespan ACE”) is a HIPAA-covered entity. This not-for-profit health system includes three academic teaching hospitals, a medical and mental health services hospital, and Rhode Island’s largest nonprofit behavioral healthcare provider. In April of 2017, Lifespan’s parent company and business associate, filed a breach report with the Department of Health and Human Services’ (HHS) Office for Civil Rights. The resulting OCR investigation determined that an unencrypted [...]

2020-07-28T09:58:33-04:00July 28th, 2020|

Why Data Protection in Healthcare is Essential

The rate at which healthcare entities are targeted by hackers has increased alarmingly over the course of the past several months. This is mostly due to the healthcare industry’s focus on combating the coronavirus pandemic. As such, data protection in healthcare has fallen by the wayside. The importance of data protection in healthcare and tips on what security measures to implement are discussed below. Is your organization secure?  Find [...]

2020-07-27T10:18:44-04:00July 27th, 2020|

$25,000 OCR Settlement Reached With Federally Qualified Health Center

From mid-March to mid-July of 2020, the Office for Civil Rights (OCR) of the Department of Health and Human Services (HHS) was very busy… But not because it was issuing fines. HHS, responding to the COVID-19 pandemic, was releasing guidance on how covered entities and business associates can comply with the HIPAA regulations during this extraordinary time. COVID-19 has not ended, but, it turns out, the fines linger on. [...]

2020-07-24T09:06:07-04:00July 24th, 2020|

HHS Amends Substance Abuse Records Confidentiality Rules

Recently, the 42 CFR Part 2 regulations, which serve to protect substance abuse disorder patient records, were revised. Their revised regulation facilitates better coordination of care in response to the opioid epidemic, while maintaining confidentiality of substance abuse records. How Have the Substance Abuse Records Confidentiality Rules Changed? The new substance abuse records confidentiality rules do not alter the basic framework for confidentiality protection of substance use disorder (SUD) [...]

2020-07-23T09:21:09-04:00July 23rd, 2020|

Failure to Deidentify PHI Exposed Hundreds of Patients

On April 9 students from the University of Delaware contacted the Delaware Division of Developmental Disabilities Services (DDDS) regarding a research project. The students requested demographic and disability status information on 350 patients. A staff member provided the information to the students but failed to deidentify PHI, resulting in a HIPAA violation. In a letter sent to breach victims, DDDS stated that students were conducting a research study in [...]

2020-07-22T10:30:25-04:00July 22nd, 2020|

What Happens to HIPAA Lawsuits?

HIPAA lawsuits - litigation involving a plaintiff claiming violation of a HIPAA regulation - usually do not get very far, as the plaintiffs in a data breach lawsuit against Episcopal Health Services discovered. HIPAA lawsuits, which are usually filed in court, are almost always dismissed by the judges assigned to hear them. What Happens to HIPAA Lawsuits: No Standing For a court to hear a lawsuit, it must have [...]

2020-07-21T09:14:35-04:00July 21st, 2020|

275,000 Affected by Billing Vendor Breach

Benefit Recovery Specialists Inc., a debt collection and billing vendor based in Houston, suffered a breach. The billing vendor breach affected 275,000 patients as the vendor serviced multiple healthcare entities, including health plans and healthcare providers. The billing vendor breach is discussed below. Is your organization secure?  Find out now with our HIPAA compliance checklist. Billing Vendor Breach: What Happened On April 30, Benefit Recovery Specialists Inc. (BRSI) discovered [...]

2020-07-20T09:07:04-04:00July 20th, 2020|

HIPAA Now: What you Need to Know About HIPAA Compliance

Since the start of the coronavirus pandemic, there have been a lot of questions about HIPAA compliance and software. At the beginning of the crisis, the Department of Health and Human Services (HHS) released guidance temporarily easing HIPAA restrictions around the use of telehealth. This loosening led many organizations to falsely assume that they no longer have to comply with HIPAA. To clear up this misconception, HIPAA compliance now [...]

2020-08-03T16:30:27-04:00July 17th, 2020|

Importance of BAA Compliance Highlighted by Breach

The Department of Health and Human Services (HHS) maintains a list of health-related data breaches affecting 500 or more individuals. HHS obtains this information from the healthcare organizations and business associates who discovered the breach. The list, referred to as the “Wall of Shame,” was recently graced by Central Files, the business associate of covered entity Elkhart Emergency Physicians. HIPAA regulations require covered entities to enter into written business [...]

2020-07-16T09:39:51-04:00July 16th, 2020|