Covered Entities Required to Vet Business Associates

The Health Insurance Portability and Accountability Act (HIPAA) established a set of standards that anyone working in healthcare must adhere to. HIPAA law is meant to safeguard a patient’s protected health information (PHI) to ensure that only those who need access to PHI, as part of their job, have access. Since HIPAA security law is complicated, many practices opt to hire IT solution providers to address their technology security, [...]

September 6th, 2019

3 Easy Steps to Get your Microsoft Business Associate Agreement

The Health Insurance Portability and Accountability Act (HIPAA) set forth industry standards for the handling of protected health information (PHI). PHI is any individually identifying health information such as name, date of birth, treatment information, Social Security number, etc. Under HIPAA, any organization working with PHI, in any capacity, must be HIPAA compliant. This includes covered entities (CEs) and the vendors that service them. Before a CE can [...]

August 29th, 2019

Florida HIPAA Fine: No BAA Results in $500,000 Fine

A recent $500,000 Florida HIPAA fine is just another example of the growing trend of HIPAA violations cropping up across the country, all stemming from the lack of properly executed business associate agreements. Advanced Care Hospitalists PL (ACH) has agreed to pay a $500,000 HIPAA fine to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) after a HIPAA investigation [...]

March 5th, 2019

Georgia Eye Care Email Data Breach Impacts 24,000 Patients

This recent email data breach affecting a Georgia-based eye care group is yet another indicator that threats to data security are becoming more commonplace for healthcare professionals in every industry. Large-scale data breaches are no longer confined to hospitals and enterprise health systems. It’s more important than ever before for small-to-mid-size healthcare providers to start addressing their data security and HIPAA compliance to avoid data [...]

February 21st, 2019

How to Make Sure You’re Using HIPAA Compliant Email

If you are a healthcare organization working with protected health information (PHI), you need to make sure all communication, storage, and transmission of PHI is HIPAA compliant. This includes email communications. HIPAA compliant email is essential to securing patients' sensitive information. But what is HIPAA compliance, and what are the HIPAA email rules and steps for email to become HIPAA compliant? To begin, let’s look [...]

November 30th, 2017

Is DropBox HIPAA Compliant?

The question "Is DropBox HIPAA compliant?" is a common question for healthcare providers and organizations that deal with protected health information (PHI). Before we answer, let's take a brief look at some of the foundational components of HIPAA compliance to deepen your understanding of how it applies to DropBox. Working with Healthcare Vendors: Healthcare providers are considered covered entities (CEs) under HIPAA regulation. [...]

October 6th, 2017

Getting Your Google BAA: What You Need to Know

When using Google to run your healthcare business, you need to ensure that you sign a proper Google BAA. A BAA (Business Associate Agreement) is a HIPAA-mandated contract that must be executed between two parties in the event that healthcare data is being exchanged. This sensitive data is called protected health information (PHI) under HIPAA regulation. PHI includes any demographic information that can be used [...]

September 22nd, 2017

Is Windows 10 HIPAA Compliant?

Data privacy and security concerns are mounting against Microsoft's newest operating system. We look at trends in how Microsoft has handled data security in the past, and tell you what you can do to protect your data moving forward. What Do You Need to Know About Windows 10 and HIPAA? Since it was first released in July of 2015, Microsoft has remained silent about Windows 10 and HIPAA [...]

July 13th, 2016

$750,000 HIPAA Settlement in North Carolina for Lack of Business Associate Agreements

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it reached a $750,000 HIPAA settlement with Raleigh Orthopedic Clinic, P.A. The Raleigh, North Carolina-based provider group practice runs several clinics and an orthopedic surgery center. The HIPAA settlement was reached after the protected health information (PHI) of 17,300 patients was unlawfully transmitted to a Business Associate (BA) without having executed a proper Business [...]

April 21st, 2016

OCR Settles for $5.5 Million in Business Associate Agreement Violation and PHI Breach

OCR Investigates North Memorial Health System of Minnesota and Feinstein Institute for Medical Research for Missing Laptop, Discovers Rampant Privacy and Security Violations for a combined $5.55 Million Settlement. On March 17, 2016, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reached a settlement with the North Memorial Health System of Minnesota for $1.55 million after it improperly disclosed the protected [...]

March 18th, 2016