Are Search Engines Compromising PHI Security?

It was recently discovered that advancements in search engine capability may pose a risk to PHI security. Researchers from American College of Radiology (ACR), Radiological Society of North America (RSNA), and Society for Imaging Informatics in Medicine (SIIM) warned healthcare professionals and radiologists of the risk of using medical images for educational purposes. How Can Search Engines Identify Medical Images Optical Character [...]

2020-09-08T10:11:45-04:00September 8th, 2020|

New OCR Guidance on Completing a Risk Assessment

Recently, to provide HIPAA covered entities and business associates with assistance in completing their risk assessments, the Office for Civil Rights (OCR) released guidance. The OCR guidance lays out a detailed list of IT asset inventory steps that should be taken when completing a risk analysis. More details on the OCR guidance are discussed below. Compliancy Group offers clients a full HIPAA [...]

2020-09-04T21:15:36-04:00August 27th, 2020|

HIPAA Compliant Texting and Email

As more organizations continue to work remotely, they are relying on texting and email as means of communication. For organizations that work in healthcare, it is important to determine if the communication tool they use is HIPAA compliant. HIPAA compliant texting solutions and email platforms are discussed below. HIPAA Compliant Texting and Email: What You Need to Know An essential component of HIPAA is ensuring the confidentiality, integrity, and [...]

2020-08-27T17:40:02-04:00August 10th, 2020|

$1,040,000 OCR Settlement Reached for Stolen Unencrypted Laptop

Lifespan Affiliated Covered Entity (“Lifespan ACE”) is a HIPAA-covered entity. This not-for-profit health system includes three academic teaching hospitals, a medical and mental health services hospital, and Rhode Island’s largest nonprofit behavioral healthcare provider. In April of 2017, Lifespan’s parent company and business associate, filed a breach report with the Department of Health and Human Services’ (HHS) Office for Civil Rights. The resulting OCR investigation determined that an unencrypted [...]

2020-07-28T09:58:33-04:00July 28th, 2020|

Why Data Protection in Healthcare is Essential

The rate at which healthcare entities are targeted by hackers has increased alarmingly over the course of the past several months. This is mostly due to the healthcare industry’s focus on combating the coronavirus pandemic. As such, data protection in healthcare has fallen by the wayside. The importance of data protection in healthcare and tips on what security measures to implement are discussed below. Is your organization secure?  Find [...]

2020-07-27T10:18:44-04:00July 27th, 2020|

Cyber Attacks on Cloud Services Rise 630%

McAfee conducted a study on cyber attacks on cloud services to determine if there has been an increase in attacks since the COVID-19 pandemic. The results are staggering, exposing a 630% rise in cyber attacks on cloud services since January 2020. With an increase of 50% in the use of cloud services, and a 600% increase in collaboration services, this discovery is troubling to say the least. *McAfee Cloud [...]

2020-06-11T09:10:06-04:00June 11th, 2020|

Exposure Notification Privacy Act Aims to Regulate Contact Tracing Apps

Recently, a bipartisan group of United States Senators introduced the Exposure Notification Privacy Act (ENPA). This bill aims to regulate exposure notification and contact tracing apps that will be used to monitor and control COVID-19 spread. What is Contact Tracing? Contact tracing is the process of identifying people who may have come into contact with a person infected by a virus. COVID-19 contact tracing apps are being developed by [...]

2020-09-14T17:01:54-04:00June 9th, 2020|

HIPAA Privacy Rule: PHI Reidentification

Under the HIPAA Privacy Rule, de-identification of protected health information (PHI) is the removal of specific information about a patient that can be used alone or in combination with other information to identify that patient. Covered entities often wish to use de-identified protected health information to conduct research and perform comparative studies. Once PHI has been properly deidentified, its use is permitted without patient authorization. A recent study published [...]

2020-05-11T11:31:18-04:00April 27th, 2020|

What is a Picture Archiving and Communication System (PACS)?

A Picture Archiving and Communication System (PACS) is a computer system used by healthcare providers. A Picture Archiving and Communication System captures, stores, distributes, and then displays medical images. The medical system also digitally transmits electronic images and reports. The medical images include (among others) X-rays, CT scans, and MRI scans.  What Does a Picture Archiving and Communication System Consist of? A PACS system consists of four main components: [...]

2020-05-05T17:53:14-04:00April 17th, 2020|

PHI Protection: How to Secure Healthcare Data

Healthcare data breaches have been highlighted recently, with several large breaches occurring over the last few months. Hackers target the healthcare industry as they hold a wealth of sensitive information on their patients, and often have less secure data than in other industries. Ransomware attacks continue to rise as healthcare organizations often need to pay the ransom to get their data back. A ransomware attack occurs when a hacker [...]

2020-04-28T14:38:38-04:00April 13th, 2020|
Load More Posts