Is ProtonMail HIPAA Compliant?

ProtonMail is an email encryption service that is designed with businesses in mind, enabling users to send and receive secure emails. But when you work with protected health information, you must consider more than a software’s security, you must also look at whether or not it is HIPAA compliant. Is ProtonMail HIPAA compliant? Find out by reading below. ProtonMail HIPAA Compliant Email Encryption [...]

2022-07-12T11:33:23-04:00July 16th, 2021|

$1,040,000 OCR Settlement Reached for Stolen Unencrypted Laptop

Lifespan Affiliated Covered Entity (“Lifespan ACE”) is a HIPAA-covered entity. This not-for-profit health system includes three academic teaching hospitals, a medical and mental health services hospital, and Rhode Island’s largest nonprofit behavioral healthcare provider. In April of 2017, Lifespan’s parent company and business associate, filed a breach report with the Department of Health and Human Services’ (HHS) Office for Civil Rights. The resulting OCR investigation determined that an unencrypted [...]

2022-05-06T13:55:37-04:00July 28th, 2020|

Cyber Attacks on Cloud Services Rise 630%

McAfee conducted a study on cyber attacks on cloud services to determine if there has been an increase in attacks since the COVID-19 pandemic. The results are staggering, exposing a 630% rise in cyber attacks on cloud services since January 2020. With an increase of 50% in the use of cloud services, and a 600% increase in collaboration services, this discovery is troubling to say the least. *McAfee Cloud [...]

2022-05-06T14:38:18-04:00June 11th, 2020|

Hospital Data Breaches and Patient Deaths

Researchers for the journal Health Services Research recently conducted a study to determine whether there is a relationship between hospital data breaches and patient deaths. Of particular interest was whether or not remediation efforts for hospital data breaches diminished the quality of hospital care.  Remediation Efforts for Hospital Data Breaches: Related to Quality of Patient Care? A hospital data breach is the unauthorized acquisition, access, use, or disclosure, in [...]

2022-05-06T14:38:19-04:00December 19th, 2019|

HIPAA Requirements for Sending PHI

Healthcare entities require a means to easily share protected health information (PHI). When sending PHI it is imperative to keep HIPAA requirements in mind. The Health Insurance Portability and Accountability Act (HIPAA) set forth industry standards for creating, storing, and maintaining of PHI, including HIPAA requirements for sending PHI. Email The most convenient means of sending PHI is via email, however when sending PHI through [...]

2022-05-06T13:55:40-04:00December 13th, 2019|

 HIPAA Business Email Compromise 

A cyberthreat known as business email compromise has caused businesses, religious institutions, educational institutions, non-profits, and other companies, to lose billions of dollars since the FBI first began tracking the threat in 2013. Business email compromise (BEC) - also known as CEO impersonation - is a favorite crime of Internet con artists because the practice relies on what any con operation requires for success: deception. These criminals target a [...]

2022-05-06T14:04:12-04:00December 10th, 2019|

HIPAA Compliant Laptops

HIPAA regulations require healthcare organizations and individual care providers to take measures to keep patient data secure. Failure to do so can result in fines, if an organization suffers a breach of unsecured PHI.  The HIPAA Security Rule requires that mobile devices be rendered secure. Security Rule requirements needed for HIPAA compliant computers are discussed below. What is a Security Risk Assessment? The [...]

2022-11-21T14:39:04-05:00November 13th, 2019|

Texas Health and Human Services Commission Fined $1.6 Million by OCR

The Texas Health and Human Services Commission (TX HHSC) is a Texas government state agency. Its charge is to improve the health, safety and well-being of Texans with good stewardship of public resources. TX HHSC, which is part of the broader Texas Health and Human Services system, which: Operates state supported living centers; Provides mental health and substance abuse services; Regulates child care and nursing [...]

2022-05-06T13:55:41-04:00November 8th, 2019|

Ransomware Healthcare Attacks Continue to Strike

Ransomware healthcare attacks should be a cause for concern for anyone working in healthcare. Ransomware attacks occur when an unauthorized party accesses an organization’s network, encrypting files until a sum of money is paid for their return. The healthcare industry has become the top target for hackers in part due to the sensitive information they handle and the lack of advanced cybersecurity practices. 400 Dental Practices Affected by Ransomware [...]

2022-05-06T14:38:20-04:00October 2nd, 2019|

Employee of DBHIDS Loses Unencrypted Laptop Resulting in HIPAA Breach

An employee of Philadelphia’s Department of Behavioral Health and Intellectual disAbility Services (DBHIDS) lost an unencrypted laptop on public transportation. The laptop contained the protected health information (PHI) of 1,500 individuals. DBHIDS informed affected individuals on the same day that the HIPAA breach was discovered.  David T. Jones, Commissioner of the Department of Behavioral Health and Intellectual disAbility Services, stated, “Once we learned about the [...]

2022-05-06T13:55:42-04:00August 14th, 2019|