HIPAA Blog

OCR’s Guidance to HIPAA & Cloud Computing

We have previously posted about HHS/OCR’s Guidance on HIPAA & Cloud Computing. The guidance is presented in question and answer form. To see the full guidance, you can go to the OCR page.   Below are the 11 questions with partial answers to keep this brief but provide a good overview: Questions 1. May a …

The post OCR’s Guidance to HIPAA & Cloud Computing appeared first on HIPAA Secure Now!.

Hospital fined $400,000 for obsolete Business Associate Agreements

In a clear message to healthcare organizations, The U.S. Department of Health and Human Services Office of Civil Rights (OCR), fined Women & Infants Hospital of Rhode Island (WIH) for not having updated HIPAA Business Associate Agreements. WIH provided OCR with a business associate agreement with Care New England Health System effective March 15, 2005, …

The post Hospital fined $400,000 for obsolete Business Associate Agreements appeared first on HIPAA Secure Now!.

Dropbox Data Breach and Phishing Scams

Dropbox, the popular file sharing service, has experienced a data breach that could affect up to 60 million users. Dropbox is urging their users to change their passwords immediately. In addition, we are seeing an increase in Dropbox related phishing emails. In this security tip video, we show you real examples of Dropbox related phishing …

The post Dropbox Data Breach and Phishing Scams appeared first on HIPAA Secure Now!.

Athens Orthopedic won’t pay for credit monitoring in data breach

Data breaches are happening on a frequent basis.  You can’t read the news or watch TV without hearing about another data breach. While a company may give out some details of a data breach, the financial details of what the data breach will cost a company usually are not disclosed.  This is especially true with …

The post Athens Orthopedic won’t pay for credit monitoring in data breach appeared first on HIPAA Secure Now!.

Healthcare software bugs have big consequences

Almost all software programs have bugs in their code.  The bugs may be security holes, problems displaying pages on mobile devices or inaccurately displaying results in reports to name a few. So it should be no shock that electronic health record (EHR) systems would have bugs as well.  EHRs are complex software programs and are …

The post Healthcare software bugs have big consequences appeared first on HIPAA Secure Now!.

HHS Office for Civil Rights releases ransomware guidance

There has been a lot of articles written lately about the threat of ransomware to healthcare organizations. Hollywood Presbyterian Medical Center paid a $17,000 ransom to regain access to their systems after they were infected with ransomware.  Several other hospitals have been ransomware victims and countless other medical practices have fallen victim as well. There …

The post HHS Office for Civil Rights releases ransomware guidance appeared first on HIPAA Secure Now!.

Don’t Let HIPAA Audits, Ransomware Sink Your Practice

HIPAA Secure Now! President and CEO writes an article for Physicians Practice called: Don’t Let HIPAA Audits, Ransomware Sink Your Practice At the same time medical practices are faced with the increased likelihood of a HIPAA audit, hackers hover around waiting to steal patients’ personal data and/or hold it hostage through ransomware scams. These practices …

The post Don’t Let HIPAA Audits, Ransomware Sink Your Practice appeared first on HIPAA Secure Now!.

Becker’s: 8 HIPAA compliance best practices

A recent article over at Becker’s Spine Review, discusses some of the “low hanging fruit of HIPAA compliance”. They give 8 best practices for being HIPAA compliant. For the article they interviewed David Holtzman, JD, CIPP, vice president of compliance strategies, Cynergistek and Aaron Tantleff, partner and intellectual property lawyer with Foley & Lardner LLP. Encrypt health information.  The …

The post Becker’s: 8 HIPAA compliance best practices appeared first on HIPAA Secure Now!.

Sign Up to Receive Our HIPAA Newsletter!

Fill out the form below:

  • This field is for validation purposes and should be left unchanged.

Archives