Immigration advocates have alleged that a Texas clinic violated health care privacy laws by calling the police when a woman gave a fake driver’s license as authentication to receive medical services. But if the clinic provided services to someone who was clearly not using proper identification, it could be aiding the commission of medical identity … Continue Reading
On September 29, it was revealed that the HHS Office for Civil Rights (OCR) will commence Phase 2 of its HIPAA audit program in “early 2016.” OCR’s revelation regarding the Phase 2 audits, which had been the subject of significant industry speculation, came in response to two related reports on OCR’s oversight and enforcement of … Continue Reading
Now even the fitness tracker you wear on your wrist is compliant with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. Fitbit’s Corporate Wellness team is one of the fastest growing sectors of the company, and Fitbit voluntarily took this “proactive step” to implement a HIPAA compliance program so that it could broaden … Continue Reading
On September 2, 2015, the U.S. Department of Health & Human Services (HHS) announced that Cancer Care Group, P.C. (CCG), a physician practice located in Indiana, agreed to pay $750,000 as part of a settlement to resolve alleged violations of HIPAA’s Security and Privacy Rules. The HHS Office for Civil Rights (OCR) initiated an investigation … Continue Reading
According to a recent survey by KPMG, eighty percent (80%) of health care executives report that their information technology systems have been compromised by cyber attacks. Most healthcare institutions, the survey found, lack sufficient tracking and reporting capabilities and are failing to report and manage threats that are occurring on a daily basis. Daily threats … Continue Reading
Using the Maryland Consumer Protection Act, Maryland Attorney General Brian Frosh has announced that eye care retailer Visionworks, Inc. has agreed to pay the state of Maryland $100,000 and enhance its security measures following an investigation into two security incidents that occurred in 2014. When it was upgrading its Annapolis, Maryland and Jacksonville, Florida stores … Continue Reading
These days information security is on the minds of virtually all technology professionals and business executives alike. But how does an organization ensure that its security profile is adequate. It can certainly help to subscribe to a security framework. What is a security framework and which should I consider for my organization? A security framework can … Continue Reading
Advanced Data Processing, Inc. and Intermedix Corp. were sued in federal court in Florida last week for violating the Health Insurance Portability and Accountability Act (HIPAA) for failing to protect the health information of “potentially millions” of individuals. Plaintiffs allege that for several months in 2012, an employee of Intermedix viewed health information of patients … Continue Reading
The Department of Health and Human Services (HHS) has released a fact sheet on the privacy, security, and breach notification rules of the Health Insurance Portability and Accountability Act (HIPAA). Designed to apply to HIPAA-covered entities, including health care organizations, health care plans, providers, and their business associates, the fact sheet provides a basic overview … Continue Reading
Reports of security breaches involving health care information have become increasingly prevalent in recent years, and such breaches seem to be continually growing in scope and magnitude. In the April 14, 2015, issue of JAMA, the Journal of the American Medical Association, three California researchers led by Dr. Vincent Liu (hereinafter Liu et al.) sought … Continue Reading
In a scathing report released last Friday, the Department of Health and Human Services Office of the National Coordinator (ONC) accused hospitals and software vendors of preventing the sharing of health information in order for hospitals to prevent patients from being referred to or seeking treatment at nonaffiliated providers and electronic medical record vendors to … Continue Reading
