What Happens After a HIPAA Complaint is Filed?

Even when you do the best you can to comply with HIPAA regulations, violations and breaches may occur. Clients or patients may report what they think are violations, even when they’re not. What happens after a HIPAA complaint is filed? What rights do you have as a covered entity or business associate? And what is the worst-case scenario? Common Violation Examples – [...]

2022-05-06T17:03:27-04:00April 25th, 2022|

NY AG SHIELD UP! Vision Benefits Provider Settles Email Data Breach

In January of 2022, EyeMed Vision Care LLC, a New York vision benefits provider, settled an action brought by the New York State Attorney General against it for failing to implement adequate data security measures, including multifactor authentication, password management, and logging of email accounts.  These deficiencies resulted in a 2020 email data breach during which hackers accessed an EyeCare email account [...]

2022-05-06T17:03:39-04:00January 26th, 2022|

What’s the Civil Penalty for Unknowingly Violating HIPAA?

When a covered entity or business associate makes the HIPAA Wall of Shame for a significant breach or violation, it often results in huge fines. In some cases, the breaches and resulting fines resulted from organizations knowingly violating HIPAA regulations and just hoping they wouldn’t get caught. However, many violations and fines occur because people thought they were doing enough to be compliant. Do the regulators [...]

2022-05-06T17:03:40-04:00January 24th, 2022|

Causes and Effects of HIPAA Violations in the Dental Field

Building and maintaining a thriving dental practice is not a simple task. Between keeping your staff at peak efficiency, managing vendors, marketing your services, treating patients, and everything else in your day, it’s easy to overlook something like HIPAA compliance. Unfortunately, HIPAA violations in the dental field can create severe issues for your practice. Who Defines HIPAA Violations in the Dental Field [...]

2022-05-06T17:03:40-04:00January 21st, 2022|

Quest Diagnostics Subsidiary Hit with Data Breach Lawsuit

Quest Diagnostics subsidiary, ReproSource Fertility Diagnostics has been sued by a patient over alleged security deficiencies. The Quest data breach lawsuit was filed one month after the October 8, 2021 announcement of a ransomware attack that potentially exposed the protected health information (PHI) of 350,000 individuals. Details of the Quest Data Breach Lawsuit According to the notification provided by ReproSource, the company’s [...]

2022-05-06T17:03:43-04:00December 31st, 2021|

Hackensack Cancer Center Settles HIPAA Violations With New Jersey Attorney General

In December of 2021, the New Jersey Attorney General’s Division of Consumer Affairs, Office of Consumer Protection, settled a HIPAA enforcement action that it brought against Regional Cancer Care Associates (RCCA). RCCA is based in Hackensack, New Jersey, and has over 30 locations throughout New Jersey, Connecticut, Maryland, and the Washington DC area. RCCA treats cancer patients as well as patients with blood disorders. RCCA fell victim to [...]

2022-05-06T17:03:44-04:00December 23rd, 2021|

New Jersey State Attorney General Settles HIPAA Claims Against Printing Companies

In November of 2021, the New Jersey State Attorney General’s (AG) Office, Division of Consumer Affairs, settled 2 HIPAA claims, one HIPAA claim against Command Marketing Innovations (CMI), and another HIPAA claim against CMI’s business associate, Strategic Content Imaging, LLC (SCI). This $130,000 resolution settled each company’s potential HIPAA Security Rule and Privacy Rule violations. The printing companies were drummed into New Jersey court for having [...]

2022-05-06T17:03:45-04:00December 21st, 2021|

The Fines They Are A’Changin’: Lessons from 2021 HIPAA Fines

This year, the Department of Health and Human Services’ Office for Civil Rights (OCR) resolved 14 enforcement actions it had filed against healthcare providers, health plans, and clinical labs. OCR resolved all but one of these 13 through entering into a Settlement Agreement with the covered entity. In the remaining action, OCR imposed a civil monetary penalty on the provider. The lessons from 2021 HIPAA fines are three-fold: [...]

2022-05-06T17:03:45-04:00December 17th, 2021|

Employees Vital to Preventing HIPAA Violations

Whether you’re opening a new medical practice, or starting a business to serve providers, preventing HIPAA violations is likely the last thing on your mind. Even when you make the effort to comply with HIPAA’s requirements for Privacy, Security and Breach Notification, data breaches can still occur. As news reports of ransomware, cybercrime and hacking increase, it is very easy to forget [...]

2022-05-06T17:03:47-04:00December 8th, 2021|

OCR Settles 5 HIPAA Right of Access Complaints

On November 30, 2021, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced the resolution of five HIPAA right of access investigations. OCR settled four right of access complaints, with providers in Ohio, Colorado, Oregon and North Carolina. OCR imposed a civil monetary penalty (CMP) on a fifth provider, a cardiologist in Long Island (New Hyde Park), New York. OCR imposed a penalty [...]

2022-05-06T17:03:48-04:00December 3rd, 2021|