HIPAA Encryption at Rest

You may ask yourself, why does Compliancy Group require Full Disk Encryption on all devices that connect to or store ePHI? Why is it a requirement and how will it protect me? What is HIPAA encryption at rest? Below, I will be happy to explain why Full Disk Encryption is so important. We require Full Disk Encryption on all devices that connect to or [...]

June 13th, 2019

Phishing Attack Exposes 23,811 Patients’ PHI

The threat from phishing attacks is growing faster than ever before. Healthcare organizations now need to implement the appropriate security measures in order to protect their patients' information. Otherwise, you are susceptible to having a data breach and being fined thousands of dollars. Palmetto Health recently became a victim of a phishing scam after several emails containing a malicious hyperlink were sent to their employees. When the link [...]

April 15th, 2019

Missouri Email Data Breach Affects Thousands

Cybersecurity threats are continuing to impact how healthcare organizations operate on a daily basis. Choice Rehabilitation of Creve Coeur, MO, recently experienced this when an unauthorized individual hacked into a corporate email account of one of its employees. The hacker began the email data breach on July 1, 2018, using a mail forwarder to a personal email account, and it remained active until September 30, 2018. After analyzing the [...]

March 16th, 2019

Cancer Center Hit with $4.3 Million Texas HIPAA Fine

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that they issued The University of Texas MD Anderson Cancer Center (MD Anderson) a $4.3 million Texas HIPAA violation fine for three different security breaches that occurred between 2012 and 2013. In an uncharacteristic enforcement action, the case was put before the HHS Administrative Law Judge (ALJ). The ALJ ruled in [...]

June 27th, 2018

How to Make Sure You’re Using HIPAA Compliant Email

If you are a healthcare organization working with protected health information (PHI), you need to make sure all communication, storage, and transmission of PHI is HIPAA compliant; this includes email communications. HIPAA compliant email is essential to securing patients' sensitive information. But what is HIPAA compliance, and what are the HIPAA email rules and steps for email to become HIPAA compliant? To begin, let’s look [...]

November 30th, 2017

$2.7 Million HIPAA Settlement Reached with OHSU After Repeated HIPAA Violations

Oregon Health and Science University (OHSU) has reached a settlement with the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) for $2.7 million. The HIPAA settlement comes after two separate data breaches were reported to OCR dating back to 2013. Combined, these breaches affected more than 7,000 patients. The first breach was caused by a laptop theft. A surgeon was vacationing [...]

July 15th, 2016