21 06, 2017

CoPilot Settles $130K for Breach Notification with New York AG

2017-09-22T16:50:09+00:00 June 21st, 2017|

CoPilot Provider Services has reached a $130,000 settlement with New York state for delaying its HIPAA breach notification process. NY Attorney General, Eric Schneiderman, determined that CoPilot unlawfully delayed HIPAA breach notification to 221,178 customers a full year after the initial breach took place. Schneiderman's office found that the data breach occurred in October of 2015 due to access by an unauthorized user. CoPilot stores confidential reimbursement data on [...]

13 06, 2017

Is Gmail HIPAA Compliant?

2017-06-13T13:52:27+00:00 June 13th, 2017|

Many of you might be asking "Is Gmail HIPAA compliant?" Google applications such as Gmail and other G Suite Services have long been a standard resource for businesses. But when it comes to health care practices, how do you know if your sensitive patient data is being kept safe? HIPAA Basics Google has safeguards in place that can successfully keep protected health information (PHI) secure during email transmission. HIPAA [...]

6 06, 2017

eClinicalWorks Hit With $155M Settlement for False Claims

2017-09-14T17:25:57+00:00 June 6th, 2017|

EHR HIPAA compliance is a growing concern in the health care industry, especially in the aftermath of the US Department of Justice's (DOJ) recent settlement with eClinicalWorks. Pair this fine with hints out of the Department of Health and Human Services about forthcoming EHR HIPAA compliance guidance, and it seems likely that the trend in EHR HIPAA enforcement will continue to grow throughout the rest of 2017. A $155M [...]

25 05, 2017

Mount Sinai-St. Luke’s Pays $387K HIPAA Settlement for Privacy Violation

2017-05-25T11:59:54+00:00 May 25th, 2017|

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has levied a $387,200 HIPAA settlement against St. Luke's-Roosevelt Hospital Center for unlawful disclosure of patient data. OCR was alerted to the breach in September of 2014. A patient at the Institute for Advanced Medicine (formerly the Spencer Cox Center for Health) reported that a staff member disclosed the patient's protected health information (PHI) to the patient's [...]

16 05, 2017

Influencer Interviews: Jerry Godwin of Optometric Medical Solutions

2017-05-24T20:07:08+00:00 May 16th, 2017|

Jerry Godwin of OMS The optometric health care market is primed for tremendous growth. At least, that's what Jerry Godwin of Optometric Medical Solutions has to say. Optometric Medical Solutions (OMS) is a practice management, revenue cycle management, and consulting firm based out of San Antonio, Texas. Jerry, President and CEO, has been working in the eye care space for years now. OMS runs like a well-oiled [...]

27 04, 2017

Ransomware, Interoperability, Medical Apps Major Focus of 2017 HIPAA Enforcement

2017-07-25T00:09:27+00:00 April 27th, 2017|

Office for Civil Rights (OCR) Director Roger Severino made major suggestions into upcoming 2017 HIPAA enforcement in his opening talk at Health Datapalooza 2017. Severino is the newly appointed Director of the Department of Health and Human Services' (HHS) OCR. He said that OCR is "mindful of the regulatory side of things," and spoke about enforcement of the HIPAA Privacy and Security Rules in the changing face of medical [...]

27 04, 2017

HHS Secretary Tom Price Suggests Changes to HHS Guidance on EHRs

2017-06-19T13:11:34+00:00 April 27th, 2017|

Secretary of Health and Human Services (HHS) Tom Price stressed major changes to health care IT under the Trump Administration during his opening remarks at Health Datapalooza 2017. "People, patients, and partnerships" are going to be the major driving forces behind upcoming changes to data security and privacy. Secretary Price stressed that HHS' goal will be reducing the burden of health care IT to physicians by focusing on patient [...]

13 04, 2017

It’s Time to Throw Out Your HIPAA Manual

2018-01-16T12:05:49+00:00 April 13th, 2017|

Here’s the truth: using a HIPAA compliance manual for your compliance program is like using Windows 96 computers to run your practice. HIPAA compliance manuals were the first iteration of the HIPAA compliance program 20 years ago when HIPAA was first enacted. For their time, compliance manuals did a fine job. However, HIPAA has undergone drastic additions and revisions in the past two decades, and you need [...]

1 03, 2017

Upcoming HIPAA Enforcement to Target Business Associates and MSPs

2017-03-01T16:49:29+00:00 March 1st, 2017|

More Fines Ahead for HIPAA Business Associates As HIPAA business associates, MSPs doing work in the health care space are at risk of increased enforcement efforts from the federal government. In 2016 alone, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued almost $24 million in fines. Among those fines was the first ever settlement reached with a HIPAA business associate. Catholic Health Care [...]

28 02, 2017

Simplifying HIPAA and Human Resources

2018-01-31T15:50:29+00:00 February 28th, 2017|

Whether you're a covered entity with an HR department or a third-party HR consultant looking to make your clients HIPAA compliant, Human resources and HIPAA compliance interact in numerous ways–and can be a challenge to properly integrate. HIPAA pertains to the privacy and security of protected health information (PHI), which includes patient health data such as names, dates of birth, social security numbers, and financial information. Many businesses handle this [...]