HIPAA Compliance News

What Information is Protected Under HIPAA Law The Healthcare Insurance Portability and Accountability Act (HIPAA) consist of five Titles, each with...

What happens if you violate HIPAA depends on the nature and consequences of the violation, the motive for the violation,...

Penalties for HIPAA violations can be issued by the Department of Health and Human Services’ Office for Civil Rights (OCR)...

The U.S. Department of Health and Human Services (HHS) has restructured its Office for Civil Rights (OCR) and has created...

In the context of HIPAA, the term PHI is commonly used in connection with health data, but what does PHI...

January is usually one of the quietest months of the year for healthcare data breaches and last month was no...

What happens if you break HIPAA Rules depend on whether you are a Covered Entity or Business Associate, or a...

Google Drive is a useful tool for sharing documents, but can those documents contain PHI? Is Google Drive HIPAA compliant?...

The Biden Administration is considering new rulemaking to update HIPAA to better protect reproductive health information, following the Supreme Court...

It has been more than 25 years since the Health Insurance Portability and Accountability Act (HIPAA) was introduced, but there...

The deadline for reporting healthcare data breaches of fewer than 500 records is fast approaching. HIPAA-regulated entities must ensure these...

The HHS’ Office for Civil Rights (OCR) has published a report it sent to Congress that details its HIPAA enforcement...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has publicly released two reports that were submitted...

Covered entities under HIPAA are individuals or entities that transmit protected health information electronically for transactions that the Department of...

HIPAA certification is defined as either a point in time accreditation demonstrating an organization has passed a HIPAA compliance audit,...

Is doxy.me HIPAA compliant? The platform would appear to be based on the information published on its website. However, as...

In a healthcare environment, you are likely to hear health information referred to as protected health information or PHI, but...

A HIPAA violation can be grounds for termination depending on the nature of the violation, the consequences of the violation,...

Zoom is a popular video and web conferencing platform that has been adopted by more than 750,000 businesses, but is...

The HIPAA breach notification requirements are important to know if an organization creates, receives, maintains, or transmits Protected Health Information...

Misunderstandings can sometimes exist with the distinction between a HIPAA security incident and the definition of a HIPAA breach. Although...

Medical identity theft is the theft or misuse of an individual’s health information to fraudulently obtain treatment, prescription drugs, or...

A HIPAA authorization is a form that must be completed by a patient or a health plan member when a...

One of the key goals of compliance officers is to prevent HIPAA compliance violations whenever possible. To achieve this goal,...

The HHS’ Office for Civil Rights has announced its second financial penalty of 2023 to resolve alleged violations of the...

The most common HIPAA violations that have resulted in financial penalties are: Snooping on Healthcare Records Failure to Perform an...

Healthcare organizations and their business associates that want to share protected health information in a HIPAA-compliant way must do so...

A limited data set under HIPAA is a set of identifiable healthcare information that the HIPAA Privacy Rule permits covered...

The Department of Health and Human Services’ Office for Civil Rights is the main enforcer of HIPAA compliance; however, state...

The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance,...

HIPAA is important because, due to the passage of the Health Insurance Portability and Accountability Act, the Department of Health...

What happens if a nurse violates HIPAA depends on the nature of the violation, the consequences of the violation, the...

To best answer the question what is a HIPAA violation, it is necessary to explain what HIPAA is, who it...

The purpose of HIPAA was originally to ensure more employees could continue to receive health insurance coverage when they were...

The question of how long is PHI protected after death is often answered with “fifty years”, but that answer refers...

It is understandable when misunderstandings exist about the civil penalty for knowingly violating HIPAA due to the scope of the...

For the first time since 2015, there was a year-over-year decline in the number of data breaches reported to the...

You can report a HIPAA violation by various channels regardless of whether you are a member of a Covered Entity´s...

What is individually identifiable health information and what must HIPAA-covered entities do to the information before it can be shared...

Like many aspects of HIPAA, there is no straightforward answer to the question can doctors share patient information with other...

A clearinghouse in healthcare has several definitions – and can have several interpretations of the definitions. For health plans and...

Although the Privacy Act does not mandate a HIPAA confidentiality agreement for employees, some organizations require members of their workforces...

Examples of when does a state privacy law supersede HIPAA are hard to find because state privacy laws generally exempt...

Washington Attorney General Bob Ferguson is suing a plastic surgery provider for falsely inflating online ratings, bribing, and threatening patients,...

In healthcare, OSHA and HIPAA compliance are both essential despite being separate standards. However, although separate, there are broad similarities...

The HHS’ Office for Civil Rights (OCR) has announced its first HIPAA enforcement action of 2023, which serves as a...

The information risk management, standards, and certification body, HITRUST, has announced that it will be releasing a new version of...

You suspect there has been a HIPAA violation in the workplace, should you report the violation? If so, how should...

The issue of how to secure patient information and PHI is challenging because HIPAA does not require all patient information...

One of the questions we are sometimes asked is how to report a HIPAA violation anonymously. This is because, in...

Can a patient sue for a HIPAA violation? There is no private cause of action in HIPAA, so it is...

The HIPAA Conduit Exception Rule is a source of confusion for many HIPAA covered entities, but it is essential that...

The Health Insurance Portability and Accountability Act (HIPAA) was signed into law in August 1996 and led to the development...

HIPAA-covered entities must ensure protected health information (PHI) transmitted by email is secured to prevent unauthorized individuals from intercepting messages,...

November was a relatively quiet month for healthcare data breaches with 31% fewer breaches reported than the previous month. November’s...

The Health Insurance Portability and Accountability Act of 1996 is one of the most important pieces of legislation to affect...

The Secretary of the Department of Health and Human Services (HHS) has proposed a new rule that will require the...

Many sources discussing the use of Artificial Intelligence (AI) in healthcare raise concerns about whether the use of AI complies...

The Orlando, FL-based primary care provider, Health Specialists of Central Florida Inc. (HSCF), has paid a $20,000 financial penalty to...

The HHS’ Office for Civil Rights (OCR) has announced a settlement has been reached with a Californian dental practice to...

The private information of visitors to telehealth websites is being shared with big tech companies without user consent due to...

Amazon has announced that it will stop support for third-party HIPAA-eligible skills for its Alexa devices, which means developers will...

The HHS’ Office for Civil Rights has issued a bulletin confirming that the use of third-party tracking technologies on websites,...

The Department of Health and Human Services (HHS) and the Substance Abuse and Mental Health Services Administration (SAMHSA) have issued...

Section §164.528 of the Privacy Rule is better known as the HIPAA disclosure accounting standard. The standard states an individual...

Is Google Docs HIPAA compliant? Is it permitted to upload documents containing protected health information to Google Docs, or would...

One of the challenges of discussing HIPAA for therapists is that there are several ways in which HIPAA can apply...

Can a nurse be fired for a HIPAA violation? Certainly. Violate HIPAA Rules and having your employment contract terminated may...

The HIPAA laws in Texas are the same as they are anywhere else in the country. However, because state law...

Michigan HIPAA laws are the regulations that Michigan-based HIPAA Covered Entities and Business Associates have to comply with when the...

There is no simple answer to the question what kind of lawyer deals with HIPAA violations because HIPAA violations can...

There has been an increased interest in how do you comply with HIPAA laws in Ohio since the introduction of...

Many healthcare organizations are unsure whether Hotmail is HIPAA compliant and whether sending protected health information via a Hotmail account...

Healthcare providers need to be prepared to deal with a HIPAA privacy complaint from a patient. In order for an...

HIPAA applies to healthcare providers, health plans, healthcare clearinghouses, and business associates of those entities but how does HIPAA apply...

The difficulty in complying with HIPAA California law is that there are three significant Acts of legislation that healthcare organizations...

All employees must receive training on HIPAA Rules, but when should you promote HIPAA awareness? How often should HIPAA retraining...

In answer to the question is saying someone died a HIPAA violation, it depends on who is making the statement,...

Senator Mark Warner (D-VA), Chairman of the Senate Select Committee on Intelligence, has recently published a white paper – Cybersecurity...

Two class action lawsuits have been filed on behalf of patients whose protected health information (PHI) was impermissibly disclosed to...

Aveanna Healthcare has agreed to pay a $425,000 financial penalty to the Office of the Attorney General of Massachusetts for...

There are two answers to the question OSHA was created in what year because the acronym OSHA has two meanings...

Is G Suite HIPAA compliant? Can G Suite be used by HIPAA-covered entities without violating HIPAA Rules? Google has developed...

Although the HHS´ Office for Civil Rights does not recognize certifications of compliance issued by third party organizations, investing in...

The Department of Health and Human Services (HHS)’ Office for Civil Rights (OCR) has released a video presentation on its...

The Health Insurance Portability and Accountability Act (HIPAA) requires HIPAA-covered entities and their business associates to implement safeguards to ensure...

Is AWS HIPAA compliant? Amazon Web Services has all the protections to satisfy the HIPAA Security Rule and Amazon will...

In its October 2022 cybersecurity newsletter, OCR has reminded HIPAA-regulated entities of their obligations with respect to security incidents, including...

63 data breaches of 500 or more records were reported to the HHS’ Office for Civil Rights in September, bringing...

Most sources of information answering the question when can PHI be disclosed refer to the standards of the HIPAA Privacy...

A pharmaceutical sales rep has pleaded guilty to conspiring to commit healthcare fraud and wrongfully disclosing and obtaining patients’ protected...

The latest in our series of posts on HIPAA compliant software and email services for healthcare organizations explores whether Microsoft...

Healthcare providers, health plans, healthcare clearinghouses, and business associates of those organizations must comply with the Health Insurance Portability and...

Calendly is a popular tool that is used by many businesses to schedule meetings and appointments, but can Calendly be...

Text messaging platforms such as Skype are a convenient way of quickly communicating information, but is Skype HIPAA compliant? Can...

The Secretary of the Department of Health and Human Services, Xavier Becerra, extended the COVID-19 Public Health Emergency (PHE) today...

A former physician with practices in New Jersey, New York, and Florida has pleaded guilty to criminal violations of HIPAA...

When WhatsApp announced it was introducing end-to-end encryption, it opened up the prospect of healthcare organizations using the platform as...

The Health Sector Coordinating Council (HSCC) has urged the National Institute for Standards & Technology to provide tailored guidance for...

The deadline for compliance with the information blocking requirements of the 21st Century Cures Act is October 6, 2022, after...

HIPAA stands for the Health Insurance Portability and Accountability Act – an Act passed by Congress in 1996 with the...

Many covered entities want to take advantage of cloud storage services, but can Microsoft OneDrive be used? Is OneDrive HIPAA...

Google Meet is HIPAA compliant subject to certain conditions being met. These conditions include that a Business Associate Addendum is...

The HHS’ Office for Civil Rights (OCR) has agreed to settle three HIPAA investigations of potential HIPAA Right of Access...

In answer to the question can medical records be subpoenaed; the answer is yes because every type of record can...

One of the capabilities of many business password managers is the ability to send encrypted messages to any recipient. Often...

What happens after a HIPAA complaint is filed can vary according to who it is filed with, whether or not...

Some of the biggest fines for HIPAA violations have been for failing to comply with the medical records destruction rules....

A group of 30 senators is urging the Department of Health and Human Services to update the Health Insurance Portability...

U.S Department of Health and Human Services Director Xavier Becerra has formally sworn in Melanie Fontes Rainer as the new...

The answer to the question when was HIPAA enacted is not straightforward. This is because, although the Health Insurance Portability...

Massachusetts-based Constant Contact has developed an online and email marketing solution that makes it easy to keep in touch with...

Although HIPAA cannot be waived in its entirety, parts of HIPAA can be waived in certain circumstances. However, these circumstances...

Massachusetts-based New England Dermatology P.C., dba New England Dermatology and Laser Center (NDELC), has agreed to settle a HIPAA violation...

The answer to the question are phone calls HIPAA compliant can be dependent on who is making the call, what...

The maximum penalty for violating HIPAA is currently $1,919,173 (September 2022). However, this figure represents the maximum penalty per violation...

The Health Insurance Portability and Accountability Act was a landmark piece of legislation that was originally intended to simplify the...

Cloud computing has revolutionized the way healthcare organizations operate, but ensuring cloud computing is HIPAA compliant can be a challenge....

Answering the question is Square HIPAA compliant is a little complicated because, although Square is HIPAA compliant for some services...

Ransomware attacks are rife, hacking incidents are being reported at high levels, and there have been several very large healthcare...

Signal is a popular open source, messaging application that is free to use, which has made it popular with businesses...

Is Ivy Pay HIPAA compliant? It is possibly the most HIPAA compliant payment processing service for Covered Entities. However, at...

Cyber actors are increasingly targeting business associates of HIPAA-covered entities as they provide an easy way to gain access to...

The National Institute of Standards and Technology (NIST) has updated its guidance for HIPAA-regulated entities on implementing the HIPAA Security...

June 2022 saw 70 HIPAA compliance data breaches of 500 or more records reported to the Department of Health and...

The Department of Health and Human Services’ Office for Civil Rights has sent a warning to healthcare providers about the...

A number of sources tackling the question is PayPal HIPAA compliant conclude it is not because the company shares customers´...

The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has announced that Oklahoma State University –...

Healthcare organizations can benefit from using Dropbox, but is Dropbox HIPAA compliant? Can the service be used to store and...

The HHS’ Office for Civil Rights has recently issued guidance to healthcare organizations following the overturning of Roe v. Wade...

It may be one of the most popular payment apps in the United States, but is Venmo HIPAA compliant? Surprisingly,...

Is the project management software Trello HIPAA compliant? Owned by Atlassian, Trello offers a range of tools that help to...

President Biden and U.S. Department of Health and Human Services (HHS) Secretary Xavier Becerra recently called on HHS agencies to...

Google Voice is a popular telephony service, but is Google Voice HIPAA compliant or can it be used in a...

The Government Accountability Office (GAO) has recommended that the Department of Health and Human Services (HHS) establish a feedback mechanism...

Several articles exist suggesting ways to make HubSpot HIPAA compliant. However, prior to using any of these suggestions, or integrating...

May 2022 saw a 25% increase in healthcare data breaches of 500 or more records. 70 data breaches of 500...

Healthcare providers, health plans, healthcare clearinghouses, and business associates of those entities that come into contact with protected health information...

An analysis of hospitals’ websites has revealed one-third of the top 100 hospitals in the United States are sending patient...

The Department of Health and Human Services (HHS)’ Office of the National Coordinator for Health Information Technology (ONC) and the...

Start preparing now and get your telehealth services HIPAA compliant as when the COVID-19 Public Health Emergency (PHE) ends, the...

The HHS’ Office for Civil Rights (OCR) is producing a video presentation to help HIPAA-regulated entities implement “Recognized Security Practices.”...

Earlier this year, the HHS’ Office for Civil Rights issued a request for information (RFI) on how the financial penalties...

The HIPAA photography rules are some of the most complex rules in HIPAA. They vary according to the nature of...

Are cloud-based companies such as Salesforce HIPAA compliant? The answer will, of course, depend what measures are put in place...

One of the challenges when discussing the benefits of HIPAA compliance for medical practices is proving the benefits are directly...

After four successive months of declining numbers of data breaches, there was a 30.2% increase in reported data breaches. In...

The HIPAA Administrative Simplification Regulations – detailed in 45 CFR Part 160, Part 162, and Part 164 – require healthcare...

Since 1991, the Office of the Inspector General (OIG) at the Department of Health and Human Services has promulgated more...

HIPAA gives individuals the right to file a HIPAA complaint against Covered Entities and Business Associates if they believe a...

The HIPAA Enforcement Rule of 2006 – and subsequent amendments attributable to the passage of HITECH – details the procedures...

For the fourth successive month, the number of reported healthcare data breaches has fallen. In March 2022, 43 HIPAA compliance...

Immediate intervention following an instance of unauthorized access to protected health information (PHI) by a healthcare employee is 95% effective...

The term HIPAA Covered Entities is most often defined as health plans, healthcare clearinghouses, and healthcare providers that are required...

The Department of Health and Human Services’ Office for Civil Rights has released a Request for information (RFI) related to...

It is important to know what is considered a breach of HIPAA because Covered Entities are required to report breaches...

One of the biggest compliance challenges for Covered Entities and Business Associates is understanding HIPAA permitted disclosures. This is because...

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is an important legislative Act that requires healthcare organizations that...

Articles discussing the 3 major things addressed in the HIPAA law often tend to focus on the Administrative, Physical, and...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced its first financial penalties of 2022...

For the third successive month, the number of data breaches reported to the HHS’ Office for Civil Rights (OCR) has...

Healthcare hacking incidents have been steadily rising for a number of years. There was a 45% increase in hacking/IT incidents...

Although the answer to the question is HIPAA is federal law is yes, there are occasions when HIPAA is pre-empted...

The development, implementation, and enforcement of HIPAA policies and procedures is the cornerstone of HIPAA compliance. Without policies and procedures...

There have been calls for healthcare organizations to take steps to improve security due to a major rise in hacking...

There is no one-size-fits-all HIPAA compliance violation reporting process because different organizations have different policies and procedures for reporting HIPAA...

In a recent blog post, Director of the HHS’ Office for Civil Rights, Lisa J. Pino, urged HIPAA-regulated entities to...

Who Does HIPAA Apply To? Confusion sometimes exists over the question of who does HIPAA apply to because the requirement...

50 healthcare data breaches of 500 or more records were reported to the HHS’ Office for Civil Rights (OCR) in...

Healthcare privacy laws in the United States are due an update to bring them into the modern age to ensure...

The Government Accountability Office (GAO) has launched a rapid response survey of healthcare organizations and business associates covered by the...

The Rhode Island Attorney General is investigating UnitedHealthcare and the Rhode Island Public Transit Authority (RIPTA) over a cyberattack and...

The HIPAA Breach Notification Rule calls for data breach notifications to be issued to the Secretary of the HHS “without...

You can make your email HIPAA compliant by following three easy steps. First, if you are communicating ePHI to a...

The first settlement of 2022 to resolve a healthcare data breach has been announced by New York Attorney General Letitia...

Some 56 HIPAA compliance data breaches of 500 or more healthcare records were reported to the HHS’ Office for Civil...

The Department of Health and Human Services’ Office for Civil Rights (OCR) settled 19 HIPAA compliance violation cases in 2020....

Avalon Healthcare has agreed to settle alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws...

According to several media sources, there appears to be a degree of confusion about the purpose of HIPAA and HIPAA...

The number of reported healthcare data breaches has increased for the third successive month, with November seeing 68 data breaches...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has published new guidance to explain how the...

The New Jersey Division of Consumer Affairs has agreed to settle a data breach investigation that uncovered violations of the...

The Health Information Sharing and Analysis Center (Health-ISAC) has released guidance for Chief Information Security Officers (CISOs) on adopting an...

The Department of Health and Human Services has launched a new website that offers advice and resources to help the...

Health Care Compliance Association (HCCA) will be hosting the 26th Annual Compliance Institute at the Phoenix Convention Center, Phoenix, AZ,...

The HHS’ Office for Civil Rights (OCR) is continuing with its enforcement of compliance with the HIPAA Right of Access...

October saw 59 healthcare data breaches of 500 or more records reported to the Department of Health and Human Services’...

Under the Federal Civil Penalties Inflation Adjustment Act Improvements Act of 2015*, the Office of the Assistant Secretary for Financial...

The New Jersey Attorney General has approved a $130,000 settlement with two printing firms to resolve alleged violations of the...

The Department of Health and Human Services’ Office for Civil Rights has advised HIPAA-covered entities to assess the protections they...

A new study has revealed widespread security failures at healthcare organizations, including poor access controls, few restrictions on access to...

The answer to the question who enforces HIPAA is that there are a number of state and federal agencies that...

There was a 23.7% month-over-month increase in reported healthcare data breaches in September, which saw 47 data breaches of 500...

A New Jersey infertility clinic accused of violating HIPAA and New Jersey laws by failing to implement appropriate cybersecurity measures...

The Department of Health and Human Services’ Office for Civil Rights has issued guidance to educate the public on how...

The U.S. Department of Justice has recently been cracking down on healthcare offenses, with investigations often involving a HIPAA subpoena...

Lisa J. Pino has been named Director of the Department of Health and Human Services’ Office for Civil Rights (OCR)...

Is FaceTime HIPAA compliant? Can FaceTime be used by HIPAA covered entities to communicate electronic protected health information (ePHI) without...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has imposed its 20th financial penalty under the...

The Breach Notification Rule of the Health Insurance Portability and Accountability Act (HIPAA) requires covered entities and business associates to...

High numbers of healthcare data breaches continued to be reported by HIPAA-covered entities and their business associates. In July, there...

The Health Insurance Portability and Accountability Act is now 25 years old. How effective has this healthcare law been and...

The Department of Justice has announced nine San Diego residents have been charged in two separate indictments in connection with...

The U.S. Court of Appeals for the Fourth Circuit has ruled that there is no private cause of action in the...

In October 2020, Mayo Clinic announced a former employee was discovered to have impermissibly accessed the medical records of approximately...

A former Cedar Rapids Hospital employee has been sentenced to 5 years’ probation for wrongfully accessing and distributing the protected...

May was the worst month of 2021 to date for healthcare data breaches. There were 63 breaches of 500 or...

Social media platforms such as Facebook, Twitter, Snapchat, and Instagram make it easy for healthcare organizations to advertise their services...

The National Institute of Standards and Technology (NIST) has published a new report on the use of biometric authentication on...

The HHS’ Office for Civil Rights has announced a settlement has been reached with The Diabetes, Endocrinology & Lipidology Center,...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced a settlement has been reached with...

Several healthcare groups have expressed concern about the HIPAA Privacy Rule changes proposed by the Department of Health and Human...

The National Institute of Standards and Technology (NIST) is planning on revising and updating its guidance on implementing the HIPAA...

There was a 38.8% increase in reported healthcare data breaches in March. 62 breaches of 500 or more records reported...

The new information blocking and interoperability regulations developed by the Department of Health and Human Services as part of the...

While data on the practice of password sharing in healthcare is limited, one survey suggests the practice of sharing EHR...

The HHS’ Office for Civil Rights has announced a settlement has been reached with Ridgewood, NJ-based Village Plastic Surgery to...

Arbour Hospital, a mental health clinic in Boston, MA, has settled a HIPAA Right of Action investigation with the HHS’...

HIPAA-covered entities and their business associates must ensure that all members of the workforce that encounter protected health information (PHI)...

The question of how often do you need HIPAA training does not have a definitive answer because the HIPAA training...

Microsoft Teams is HIPAA compliant subject to certain conditions being met. These conditions include that a Business Associate Agreement is...

Is Microsoft Office 365 HIPAA compliant? Can healthcare organizations use Office 365 and remain in compliance with HIPAA and HITECH...

The frequency of training sessions needed to comply with HIPAA can be a cause of confusion due to some sources...

A coalition of 41 state Attorneys General has agreed to settle an investigation into Retrieval-Masters Creditors Bureau dba American Medical...

Changes to the HIPAA Rules are infrequent, so when updates are proposed they tend to include a slew of new...

This week, the Arizona Supreme Court revived a HIPAA violation lawsuit filed by a Phoenix man over a privacy violation...

Humana has discovered an employee of a subcontractor of a business associate impermissibly disclosed the protected health information of 62,950...

The deadline for reporting healthcare data breaches of fewer than 500 records that were discovered in 2020 is fast approaching....

A Georgia man who falsely claimed a former acquaintance had violated patient privacy and breached the HIPAA Rules has been...

January saw a 48% month-over-month reduction in the number of healthcare data breaches of 500 or more records, falling from...

Following President Joseph R. Biden’s declaration of an emergency in the State of Texas, Norris Cochran, Acting Secretary of the...

Is Webex HIPAA compliant? Is the online meeting and web conferencing platform suitable for use by healthcare organizations or should...

The HHS’ Office for Civil Rights (OCR) has fined Sharp HealthCare $70,000 for failing to provide a patient with timely...

The Department of Health and Human Services’ Office for Civil Rights (OCR) is continuing to crackdown on noncompliance with the...

Slack is a powerful communication tool for improving collaboration, but is Slack HIPAA compliant? Can Slack be used by healthcare...

Is Shopify HIPAA compliant? The quick answer is No. But if Covered Entities or Business Associates are considering using this...

Public safety is always an important issue, but the pandemic saw public safety take on a new meaning. State, local,...

More large healthcare data breaches were reported in 2020 than in any other year since the HITECH Act called for...

Information blocking by electronic health record (EHR) vendors is still highly prevalent, despite recent policymaking that prohibits information blocking practices,...

The Biden administration has appointed Micky Tripathi as the National Coordinator for Health IT at the Department of Health and...

The Department of Health and Human Services has adopted new minimum and maximum penalties for HIPAA violations for 2020 to...

The U.S. Department of Health and Human Services has made $20 million available to improve data sharing between health information...

The Department of Health and Human Services’ Office for Civil Rights has announced it will be exercising enforcement discretion and...

2020 ended with healthcare data breaches being reported at a rate of 2 per day, which is twice the rate...

The Department of Health and Human Services’ Office for Civil Rights has announced the health insurer Excellus Health Plan has...

The U.S. Court of Appeals for the Fifth Circuit has overturned a $4,348,000 HIPAA violation penalty imposed on University of...

The HHS’ Office for Civil Rights (OCR) is continuing to crackdown on healthcare providers that are not providing patients with...

On January 5, 2020, President Trump added his signature to a bill (HR 7898) that amends the Health Information Technology...

The penalties for HIPAA violations by employees can be severe, especially those involving the theft of protected health information. HIPAA violations by employees...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has settled a HIPAA Right of Access compliance...

For the second successive month, the number of reported healthcare data breaches has fallen; however, it should be noted that...

The Department of Health and Human Services’ Office for Civil Rights has published new guidance on the Health Insurance Portability...

The Department of Health and Human Services’ Office for Civil Rights has published its 2016-2017 HIPAA Audits Industry Report, highlighting...

The Nevada-based emergency services provider SkyMed has reached a settlement with the Federal Trade Commission (FTC) following an audit of...

A new bill (HR 7898) has been passed by the House Energy and Commerce Committee which seeks to amend the...

The Department of Health and Human Services has issued a notice of proposed rulemaking detailing multiple HIPAA Privacy Rule changes...

October saw well above average numbers of data breaches reported the HHS’ Office for Civil Rights. There were 63 reported...

The HHS’ Office for Civil Rights has announced its 18th HIPAA financial penalty of the year with the 12th fine...

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced its 11th financial penalty under...

The U.S. Department of Health and Human Services’ Office for Civil Rights has announced its 10th financial penalty under its...

Wakefern Food Corporation has agreed to pay $235,000 in civil financial penalties to resolve allegations of violations of federal and...

The deadline for compliance with the information blocking and health IT certification requirements of the 21st Century Cures Act have...

The City of New Haven, Connecticut has agreed to pay a $202,400 financial penalty to the Department of Health and...

Aetna Life Insurance Company and the affiliated covered entity (Aetna) has agreed to settle multiple potential HIPAA violations with the...

September has been a bad month for data breaches. 95 data breaches of 500 or more records were reported by...

The HHS’ Office for Civil Rights (OCR) is continuing its crackdown on healthcare providers that are not fully complying with...

Franklin, TN-based Community Health Systems and its subsidiary CHSPCS LLC have settled a multi-state action with 28 state attorneys general...

The Department of Health and Human Services’ Office for Civil Rights has announced its 12th HIPAA penalty of 2020 and...

A healthcare worker who was accused of violating Health Insurance Portability and Accountability Act (HIPAA) Rules and patient privacy by...

The Indianapolis, IN-based health insurer Anthem Inc. has settled a multi-state investigation by state attorneys general over its 78.8 million...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has imposed a $6.85 million HIPAA penalty on...

The Department of Health and Human Services’ Office for Civil Rights has announced its 10th HIPAA violation fine of 2020....

The HHS’ Office for Civil Rights has announced a $1.5 million settlement has been reached with Athens Orthopedic Clinic PA...

The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that a new version of its...

The Department of Health and Human Services’ Office for Civil Rights has announced five settlements have been reached to resolve...

The Department of Health and Human Services’ Office for Civil Rights has announced it has published additional resources for mobile...

The American College of Radiology, the Society for Imaging Informatics in Medicine, and the Radiological Society of North America have...

The Secretary of the HHS, Alex Azar, has declared a public health emergency exists in the states of Louisiana and...

The risk analysis is one of the most important requirements of the HIPAA Security Rule, yet it is one of...

The Department of Veteran Affairs (VA) Office of Inspector General (OIG) has conducted a review of VA facilities and community...

Is Zelle HIPAA Compliant? Several sources discussing is Zelle HIPAA compliant appear to be under the impression that Covered Entities...

The House of Representatives has voted to lift the ban on the Department of Health and Human Services using federal...

The HHS’ Office for Civil Rights has imposed a $1,040,000 HIPAA penalty on Lifespan Health System Affiliated Covered Entity (Lifespan...

The HHS’ Office for Civil Rights (OCR) has announced a $25,000 settlement has been reached with Metropolitan Community Health Services...

If you are a healthcare organization in the United States that is required to comply wit the Health Insurance Portability...

When patients contract an infectious respiratory disease such as COVID-19, the immune system develops antibodies that provide protection if the...

Compliancy Group has announced that Safe Partner Inc. has demonstrated it has implemented an effective HIPAA compliance program and has...

Ann & Robert H. Lurie Children’s Hospital of Chicago has terminated an employee for improperly accessing the medical records of...

The HHS’ Office for Civil Rights (OCR) has issued guidance to healthcare providers to remind them that the HIPAA Privacy...

There has been a significant improvement in compliance with the HIPAA Right of Access, according to the latest Patient Record...

The HHS will be exercising enforcement discretion in relation to compliance with the new interoperability and information sharing rules that...

On Tuesday, the HHS’ Office of inspector General (OIG) proposed a rule that amends civil monetary penalty rules to also...

The McHenry County Health Department in Illinois has been refusing to provide the names of COVID-19 patients to 911 dispatchers...

The HHS has issued a Notice of Enforcement Discretion covering healthcare providers and business associates that participate in the operation...

On April 2, 2020, the Department of Health and Human Services announced that with immediate effect, it will be exercising...

The Department of Health and Human Services’ Centers for Medicare and Medicaid Services (CMS) has announced a set of sweeping...

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has issued further guidance on HIPAA and...

In an effort to prevent the spread of the 2019 novel coronavirus, patients suspected of being exposed to the virus...

There were 39 reported healthcare data breaches of 500 or more records in February and 1,531,855 records were breached, which...

On March 22, 2020, the HHS’ Centers for Medicare and Medicaid Services (CMS) announced it is easing the burden on...