Criminal Scheme Leads to HIPAA Criminal Penalties

Three individuals allegedly gained unauthorized access to a healthcare provider’s electronic health record (EHR) platform with the intent to steal and sell protected health information (PHI). Two separate schemes, both involving Lydia Henslee, earned the alleged criminals millions of dollars. More details regarding the breach and potential HIPAA criminal penalties are discussed. What Allegations Are They Facing? Earlier this month, Demetrius Cervantes and Amanda Lowry, two of the [...]

2023-07-31T14:14:36-04:00December 11th, 2020|

Lawsuit Claims EHR Violated HIPAA Right of Access

A lawsuit filed by Sherry Russell claims that HealthAlliance Hospital and Ciox Health denied access to her deceased husband’s medical records. If her claims are true, the healthcare organizations violated the HIPAA right of access provision. More details about the lawsuit are discussed below. HIPAA Right of Access Violation Sherry Russell requested her deceased husband’s medical records so that she may file [...]

2023-07-31T15:24:45-04:00September 23rd, 2020|

Attorney General HIPAA Fine Sought for Data Breach Affecting 3.9 Million

Attorney General HIPAA fines have been on the increase over the past few years, and the trend is only growing. With this unprecedented HIPAA fine, Attorneys General across twelve states have filed suits against an EHR platform for a breach of over 3.9 million individuals’ protected health information (PHI). On December 3, 2018, twelve Attorneys General collectively filed a security breach lawsuit against Medical Informatics [...]

2023-08-08T08:59:36-04:00February 18th, 2019|

Ransomware Causes Allscripts EHR Breach, HIPAA Violations

Ransomware breaches are becoming commonplace in healthcare settings, and this most recent attack is just another part of that pattern. Allscripts is an electronic health records (EHR) platform that provides services to hospitals, pharmacies, and ambulatory services across the country. In late January 2018, Allscripts was hit by a ransomware attack that shut down its Professionals EHR and Electronic Prescriptions for Controlled Substances (EPCS), among [...]

2023-08-08T09:35:10-04:00February 13th, 2018|

Blockchain Healthcare Technology: HIPAA Compliant?

With the surge of blockchain technology in healthcare and the recent rise in cryptocurrencies, questions are swarming about how else this innovative new technology can be used. Blockchain technology works by creating packets of information in the form of a "chain," linking one recipient of data to another. The data is encrypted in these packets, which can be accessed by anyone who holds a decryption key for a [...]

2023-08-08T09:36:54-04:00February 12th, 2018|

The Gap Between EHRs and HIPAA Compliance

In today's healthcare market, there's a growing disconnect between EHRs and HIPAA compliance. The misconceptions surrounding requirements for EHRs and HIPAA compliance under the law have put many healthcare professionals in hot water with HIPAA breaches and violation fines. Both are essential parts of running a successful business in healthcare. EHR platforms give your practice a secure, care-focused means of maintaining protected health information (PHI), [...]

2023-08-08T09:46:35-04:00November 10th, 2017|

eClinicalWorks Hit With $155M Settlement for False Claims

EHR HIPAA compliance is a growing concern in the healthcare industry, especially in the aftermath of the US Department of Justice’s (DOJ) recent settlement after the eClinicalWorks lawsuit. Pair this fine with hints out of the Department of Health and Human Services (HHS) about forthcoming EHR HIPAA compliance guidance, and it seems likely that the trend in EHR HIPAA enforcement will continue to grow throughout [...]

2023-08-08T10:04:48-04:00June 6th, 2017|

HHS Secretary Tom Price Suggests Changes to HHS Guidance on EHRs

Secretary of the Department of Health and Human Services (HHS) Tom Price, stressed major changes to healthcare IT under the Trump Administration during his opening remarks at Health Datapalooza 2017. "People, patients, and partnerships" are going to be the major driving forces behind upcoming changes to data security and privacy. Secretary Price stressed that HHS' goal will be reducing the burden of healthcare IT to physicians by focusing [...]

2023-08-08T10:08:44-04:00April 27th, 2017|

EHR Vendors at Risk of 2017 HIPAA Enforcement Actions

The threat of a HIPAA investigation is only one of the exposures that EHR vendors face when it comes to the implementation of privacy and security standards. One of the most recent examples came in June of 2016 when EHR vendor Practice Fusion Inc. was fined for deceptive privacy practices revealed over the course of an FTC investigation. The trend toward civil monetary penalties and other government fines [...]

2023-08-08T10:17:23-04:00February 13th, 2017|

Practice Fusion HIPAA FTC Settlement a “Sign of Things to Come” for HIPAA-Beholden EHR Vendors

On June 8th, 2016 the Federal Trade Commission (FTC) announced a settlement with Practice Fusion, Inc. The EHR vendor was charged with illegally disclosing consumers' protected health information (PHI) without providing information about how it would be used, maintained, and protected, in addition to neglecting to obtain their clients' consent. The HIPAA FTC Settlement Practice Fusion is an electronic health records (EHR) platform used by [...]

2023-08-08T10:41:47-04:00June 28th, 2016|