Illinois Medical Marijuana HIPAA Compliance Required

The deadline for Illinois Medical Marijuana dispensaries to become HIPAA compliant was December 1, 2021. As of this date, Illinois medical marijuana HIPAA compliance is required for all dispensaries in the state that provide marijuana products to patients. This includes completion of a security risk assessment and encryption of electronic devices and networks that contain the protected health information (PHI) of patients. [...]

2023-04-06T14:00:37-04:00December 14th, 2021|

OCR Settles 5 HIPAA Right of Access Complaints

On November 30, 2021, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of five HIPAA right of access investigations. OCR settled four right of access complaints, with providers in Ohio, Colorado, Oregon and North Carolina. OCR imposed a civil monetary penalty (CMP) on a fifth provider, a cardiologist in Long Island (New Hyde Park), New York. OCR imposed a penalty [...]

2023-04-06T14:00:41-04:00December 3rd, 2021|

Completing Your Annual HIPAA Risk Assessment Before the Deadline

You must complete a HIPAA risk assessment each year, and now is the time to do so. Conducting an annual HIPAA risk assessment is an important part of compliance, as well as being integral to protecting your business against breaches. This is because risk assessments reveal vulnerabilities, threats, and risks to protected health information (PHI), thus uncovering deficiencies in your current security practices. [...]

2023-04-06T14:00:44-04:00November 19th, 2021|

Why You Need Dental IT Support

Dental office administrative staff are often overburdened with a multitude of tasks, especially as of late with staffing shortages across the country. These staff members are often required to wear many hats and are therefore more likely to fall victim to burnout. With their focus divided across several tasks, it is difficult to fully address the security needs of the modern dental practice. This is where dental IT [...]

2023-04-06T14:00:58-04:00September 1st, 2021|

HIPAA Act 25th Anniversary: Congratulations, Now I’m Suing!

The HIPAA Act turns 25 on August 21, 2021. On Wednesday, August 21, 1996, President Bill Clinton signed HIPAA into law, with bipartisan support from Congress. The signing took place as part of a gala ceremony on the White House lawn, complete with a Marine band and an invited audience. In the past 25 years, the Department of Health and Human Services has issued regulations requiring covered entities [...]

2023-04-06T14:01:00-04:00August 18th, 2021|

OCR Settles 19th HIPAA Right of Access Case

Since 2019, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has brought a number of enforcement actions against healthcare providers for their failure to comply with the HIPAA Privacy Rule’s right of access standard. This standard requires providers to give patients timely access to their medical records. Recently, OCR announced its 19th settlement under its 2019 right [...]

2023-04-06T14:01:15-04:00June 2nd, 2021|

NIST Seeks Public Comment on Cybersecurity Resource Guide

In 2008, the National Institute of Standards and Technology (NIST) organization published guidance as to how covered entities and business associates were expected to implement HIPAA Security Rule requirements. At the end of April of 2021, the NIST organization announced that it is planning to update this cybersecurity guide. The NIST organization is seeking public comment as to what should be included in the new cybersecurity guide. The [...]

2023-04-06T14:01:17-04:00May 20th, 2021|

Healthcare Groups Push Back on Proposal to Modify HIPAA Privacy Rule

In January of 2021, the Department of Health and Human Services (HHS) published a Notice of Proposed Rulemaking (Notice) to modify the HIPAA Privacy Rule. HHS has proposed to modify the Privacy Rule right of access provision by (among other measures) requiring providers, at an individual’s request, to mail or electronically transmit PHI to or through the individual’s personal health application (PHA). HHS seeks to define PHAs as [...]

2023-04-06T14:01:18-04:00May 14th, 2021|

5 Tips on How to Complete a Risk Assessment

Are you worried about completing your HIPAA risk assessment? Many organizations are. To provide you with guidance, 5 tips on how to complete a risk assessment are discussed. Educate yourself on the HIPAA Security Rule Identify risks and vulnerabilities Create and implement remediation plans Use a risk assessment tool Repeat annually How to Complete a Risk Assessment Completing your [...]

2023-04-06T14:01:43-04:00April 15th, 2021|

Vaccine Passports and HIPAA

With states starting to issue vaccine passports, proving that a resident has been vaccinated against COVID, many have been asking, is this a HIPAA violation? To provide guidance, immunization passports and HIPAA implications are discussed. Do Vaccine Passports Violate HIPAA? There has been a lot of debate as to whether or not businesses would be in violation of HIPAA by requiring customers to provide proof of vaccination to [...]

2023-04-06T14:01:45-04:00April 7th, 2021|