Earlier this year, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced an initiative. Under the initiative, OCR stated that a main area of HIPAA enforcement in 2019 would be HIPAA right of access violations, including covered entities’ untimely responses to access requests and overcharging for copies of medical records. In early September of 2019, OCR reached its first settlement [...]
The Health Insurance Portability and Accountability Act (HIPAA) dictates healthcare standards for how protected health information (PHI) is handled and safeguarded. The Department of Health and Human Services (HHS) estimates that 70% of organizations are not HIPAA compliant. There’s a lot of confusion on who needs to be HIPAA compliant, but the easiest way to explain this is if you are dealing with PHI in [...]
Medical Informatics Engineering, Inc. (MIE) is an Indiana-based company that develops and offers solutions enabling the exchange of electronic protected health information (ePHI). In May of 2019, the company paid the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) $100,000 to settle potential HIPAA Privacy Rule and Security Rule violations. The events causing the violations are now commonplace, MIE had discovered [...]
A HIPAA risk assessment is an essential component of HIPAA compliance. HIPAA risk and security assessments give your business a strong foundation when it comes to protecting your patients’ data. Without performing this assessment, how will you know where you are deficient? More importantly, what will you know to fix? When an organization does not implement proper security measures, a data breach can occur and the results can [...]
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has just levied a $3,000,000 HIPAA fine against Touchstone Medical Imaging. The HIPAA fine comes after a breach of the HIPAA Security Rule and HIPAA Breach Notification Rule that affected more than 300,000 patients. Touchstone is a diagnostic medical imaging company based in Franklin, Tennessee, providing services in Texas, Colorado, Nebraska, Florida, and Arkansas. In May [...]
HIPAA enforcement has been on the rise for the past few years, totaling over $70 million in fines since 2016 alone. And now, a new round of random HIPAA audits is on the horizon. Now, the Centers for Medicare & Medicaid Services (CMS) Division of National Standards, on behalf of the Department of Health and Human Services (HHS), is instituting a CMS Compliance Review Program of random HIPAA [...]
A recent $500,000 Florida HIPAA fine is just another example of the growing trend of HIPAA violations cropping up across the country, all stemming from the lack of properly executed business associate agreements. Advanced Care Hospitalists PL (ACH) has agreed to pay a $500,000 HIPAA fine to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) after a HIPAA investigation [...]
Community Health Systems (CHS) was issued a $4,500,000 HIPAA fine for a reported 2014 data breach. It looks like the data breach resulted from malware which was installed by Chinese hackers on CHS’s computer system. This incident exposed approximately 4.5 million patients’ names, dates of birth, addresses, telephone numbers, and Social Security numbers. But that was just the beginning of the monetary penalties that CHS was about to [...]
Business associates are continually finding themselves in a state of turmoil when it comes to security and HIPAA compliance. Recently, Stanford University Hospital in Palo Alto, California experienced a breach of 20,000 patients’ medical records due to a business associate HIPAA violation. The medical records were made accessible online to the public for almost a year after an error was made by one of Stanford [...]
This recent email data breach affecting a Georgia-based eye care group is yet another indicator that threats to data security are becoming more commonplace for healthcare professionals in every industry. Large-scale data breaches are no longer confined to hospitals and enterprise health systems. It’s more important than ever before for small-to-mid-size healthcare providers to start addressing their data security and HIPAA compliance to avoid data [...]
© 2023 Compliancy Group LLC. All Rights Reserved | Terms of Use | Privacy Policy
Become Compliant, Get The Seal!
