NIST Cybersecurity Guidelines Update for HIPAA Set to Review

The National Institute of Standards and Technology (NIST) has released a draft update to its cybersecurity guidelines for the healthcare industry and is seeking public feedback through September 21, 2022. NIST is the federal agency responsible for establishing standards and measurement criteria for various industries, including manufacturing, health and bioscience, and cybersecurity. This draft update is intended to integrate with and expand [...]

2022-08-05T14:30:19-04:00August 5th, 2022|

Is Apple iCloud HIPAA Compliant?

Millions of people everyday use iCloud to store and backup important files and electronic information from their Apple devices. They love the ease of use and seamless integration, but is iCloud HIPAA compliant? HIPAA Compliance 101 The Department of Health and Human Services Office for Civil Rights (OCR) is responsible for enforcing HIPAA Rules and Regulations. Those regulations are designed to safeguard [...]

2022-05-06T17:03:28-04:00April 13th, 2022|

HIPAA Risk Management: How to Protect Your Practice

In today’s world, healthcare organizations are continually targeted by hackers for the sensitive information they hold on their patients. To ensure the safety of your patients’ protected health information (PHI) and reduce your practice’s risk, it is important to implement a HIPAA risk management program.  HIPAA Risk Management: How to Determine Your Areas of Risk To implement HIPAA risk management, and adequately safeguard PHI, it is essential to determine [...]

2021-07-30T16:30:31-04:00August 6th, 2020|

When Can a Covered Entity Deny a Request to Amend PHI?

The HIPAA Privacy Rule permits patients to request that PHI contained in their medical records, be amended. The right is not unlimited, however, and a covered entity may deny a request to amend PHI under several circumstances. What is the HIPAA Privacy Rule Right to Amend PHI? Under the HIPAA Privacy Rule, covered entities must honor certain patient requests to amend protected health information (PHI). [...]

2022-05-06T12:13:32-04:00January 17th, 2020|

300,000 Patients Affected by December Healthcare Breaches

The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) reported 34 December healthcare breaches, affecting 313,249 patients. Of the reported incidents, there were 18 breaches due to hacking/IT incidents, 10 breaches from the unauthorized access/disclosure of protected health information (PHI), 3 breaches due to loss, 2 breaches due to theft, and one breach due to improper disposal of PHI. Are you following HIPAA law? Find [...]

2021-01-14T10:41:32-05:00January 13th, 2020|

HIPAA Privacy Complaints Lead to More Informal Intervention Efforts

The numbers seem to paint an odd picture. In 2018, the federal Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) received 25,912 health information privacy complaints - HIPAA privacy complaints relating to the HIPAA Privacy Rule and the HIPAA Security Rule. The annual number of HIPAA privacy complaints has gone up each year since 2015.  The number of HIPAA privacy complaints - and required corrective [...]

2020-01-06T16:53:29-05:00January 6th, 2020|

FBI Ransomware Guidance Issued

In early October of 2019, the Department of Justice issued FBI Ransomware Guidance. The FBI Ransomware Guidance is a public service announcement that contains updated information about the ransomware threat. This FBI Ransomware Guidance updates and is a companion to to Ransomware PSA I-091516-PSA posted on www.ic3.gov in 2016. What is Included in Latest FBI Ransomware Guidance? The FBI Ransomware Guidance begins with the definition [...]

2022-05-06T14:38:19-04:00December 23rd, 2019|

HIPAA Soundproofing

Under the HIPAA Privacy Rule, covered entities must implement safeguards to protect against the unauthorized use or disclosure of PHI. Such safeguards may include HIPAA soundproofing measures designed to protect patient privacy. Note, though, that soundproofing measures are no substitute for a thorough HIPAA compliance program that covers all aspects of the HIPAA rules. What are HIPAA Soundproofing Measures? The HIPAA Privacy Rule does not require retrofitting of hospitals [...]

2020-01-02T15:22:47-05:00November 21st, 2019|

October Healthcare Breaches Affected Nearly 624,000 Patients

October healthcare breaches, listed on the Office for Civil Rights’ (OCR) “wall of shame” affected 623,888 patients. Only healthcare breaches affecting more than 500 individuals are listed on the OCR’s site, making it likely that several other patients were affected by smaller breaches. There were 51 reported breaches in October, of the reported breaches, 18 involved hacking/IT incidents, 27 were due to unauthorized access/disclosure, 3 were the result of [...]

2020-01-02T15:06:03-05:00November 20th, 2019|

HIPAA Law Enforcement

The battle between individuals’ privacy rights and the needs of law enforcement, has raged for centuries in one form or another. When the HIPAA Privacy Rule was implemented, the authors of this rule tried to appease, as it were, both sides. The resulting “compromise” is that protected health information - the information the HIPAA Privacy Rule affords some protection from disclosure - can be disclosed [...]

2022-05-06T12:13:33-04:00November 19th, 2019|