Despite the stringent requirements outlined in the Health Insurance Portability and Accountability Act (HIPAA), enforcement remains alarmingly limited. Compounding this issue, OCR may now have even fewer resources to enforce HIPAA regulations amid shifting federal priorities and ongoing budget cuts in Washington.
Users can build HIPAA-compliant healthcare applications, for example, and MOVEit controls data transfers with encryption, tracking and access controls. Bad actors submitted them to medical facilities and booked telehealth appointments in the hope that a provider would open the document, infecting its network, before a scheduled appointment.
By signing a BAA, the company is stating that they have their own HIPAA compliance approach which meets the law’s requirements. It is still the responsibility of the covered entity to make sure they only sign Business Associate Agreements with business associates who are truly HIPAA compliant.
As 2023 unfolds, the urgency for entities in the healthcare sector to initiate or reinforce their HIPAA compliance cannot be overstated. Prove Your Due Diligence The decision to postpone setting up comprehensive policies, procedures, and HIPAA training could be detrimental. This first impression can be pivotal in an audit scenario.
Cerebral’s investigation concluded that the data might be considered protected health information and that it had failed to make sure that these third parties met HIPAA requirements for protecting PHI. Its leaders found that the tracking technology used to mine user data had disclosed information to third parties and subcontractors.
In the extensive world of rules and regulations related to HIPAA, it’s crucial to have a clear grasp of specific rules for both legal and ethical reasons. ” This rule serves as a central reference point for organizations that are subject to the Health Insurance Portability and Accountability Act (HIPAA).
This fragmentation makes it difficult to link digital advertising performance to critical outcomes like booked appointments, attended visits, and generated revenue. In addition, privacy regulations like HIPAA and legal challenges restrict access to the data that fuels optimization in other industries.
If the code is present on a web page with a form, such as those used to book appointments, the selections from drop-down boxes are recorded and transmitted. Those selections could indicate a patient’s medical condition or why an appointment has been booked. The code records and transmits to Meta the web pages that a user visits.
Research shows 77% of patients research doctors online before booking, 61% have skipped visits due to cumbersome scheduling, and a 5% increase in patient loyalty can boost practice revenue by 25%. Kiwi Health, a key component of Klarity Health's ecosystem, enhances independent provider visibility and accessibility at every patient touchpoint.
While collecting and isolating DNA samples from saliva may offer a wealth of information regarding heredity, disease risk, and other outflows of the “instruction manual” for patients, analyzing cells captures the minutiae of patients that goes “beyond the book” and most closely informs pathology.
The list included patient names, dates of birth, medical record numbers, appointment dates/times, and a brief description of why the appointment was booked. The risk of misuse of the data is believed to be low, but notification letters have been sent alerting patients about the HIPAA breach.
The system also incorporates the Bookings app into Microsoft Teams, which is HIPAA-compliant, to smooth the process of conducting telehealth appointments. Care teams can use FHIR, IoT, EHR and other applications to make decisions around patient treatment plans, according to the company.
HIPAA applies to employers when the organization has a self-funded or level-funded health plan. Now, when does HIPAA become relevant for employers? HIPAA comes into play when an employer chooses to self-insure or go with a level-funded plan, which means they assume the financial risk of providing health benefits to their employees.
IVAs enable healthcare organizations to quickly scale their staff with a "digital workforce" that can handle simple interactions such as booking an appointment or refilling a prescription 24/7. With the exponential increase in demand for patient engagement, AI and automation play a critical role. Twitter: @SiwickiHealthIT.
Under the current privacy regime of HIPAA for healthcare, indeed, we are. “HIPAA, as passed in 1996 and amended in 2009 through the Health Information Technology for Economic and Clinical Health (HITECH) Act, defines privacy through a sectoral lens. legislators can get on the same privacy page.
In a book called Humanizing Rules, former regulator and compliance officer/author Christian Hunt points out that if one person breaks a rule, you've got a people problem. In a book called Ethics and Compliance for Humans, author Adam Balfour advocates for starting with the why behind the policy.
The Markup said there did not appear to be any business associate agreements between the hospitals and Meta that would allow the data sharing under the HIPAA Rules, and express consent from patients authorizing the sharing of data with Meta did not appear to have been obtained, suggesting potential HIPAA violations.
What You Should Know: Zocdoc, the leading healthcare marketplace that makes it easy for patients to find and book in-person or virtual care across over 250 specialties and more than 18,000 insurance plans, today announced the launch of Zocdoc Practice Solutions.
Their core functionalities include: Scheduling Agent: Automates patient appointment booking, rescheduling, and management. Security and compliance remain a priority, with Agents of Care adhering to industry-leading standards, including NIST CSF, HIPAA, HITRUST, SOC 2 Type II, and ISO 27001.
On January 3, 2023, Cerebral said it discovered pixels and other tracking technologies on its platform had collected and transferred sensitive HIPAA-protected information to third parties such as Meta (Facebook), Google, TikTok, and others. Million Cerebral Platform Users appeared first on HIPAA Journal.
If so, you must comply with the Health Insurance Portability and Accountability Act (HIPAA) when it comes to marketing and communications. In this blog post, we’ll cover some essential considerations that insurance agents should keep in mind to ensure HIPAA compliance in their marketing and communications. HHS.gov, [link].
In this blog post, we review nine email encryption vendors (Barracuda, Egress, Hushmail, Indentillect, MailHippo, LuxSci, Protected Trust, Rmail, & Virtru) who provide HIPAA compliant email encryption services that will keep your information safe when in transit. Barracuda – HIPAA Compliant Email Encryption Service.
The analytics code captured limited data of visitors to the scheduling websites who booked in-person or telehealth appointments. The post UC San Diego Health Announces Impermissible Disclosure of Patient Data Due to Website Analytics Code appeared first on HIPAA Journal. PPO, HMO, Other).
" She explained the findings of this report could be leveraged to make an argument to states in favor of the pro-telehealth policies of their neighbors and even how additional policies line up with the existing laws on that state's books.
Implementing HIPAA access controls and having an access management system reduces the likelihood of unauthorized access to protected health information (PHI). What is HIPAA Access Management? HIPAA access management is an integral part of security and compliance. Security in HIPAA Compliance. Find Out More!
Last year was truly one for the books, with 13 breaches affecting more than one million patients. Failing to vet your vendors can lead to HIPAA violations (although it's not clear if this was the case with HealthEquity). However, new reports now put that number at a whopping 190,000,000, the largest data breach ever reported.
HIPAA (Health Insurance Portability and Accountability Act) has evolved over the years to adapt to advancements in healthcare and technology. The 2013 HIPAA Omnibus Final Rule expanded its scope, and now the HIPAA Privacy Rule is set to change again in 2023. HIPAA’s Evolution: HIPAA has been crucial in U.S.
Users can tell a language model exactly what they are looking for as far as tone, and they can ask the AI to rewrite sentences and create summaries, which is useful for creating HIPAA Policies and Procedures for Privacy and Security of PHI. Book a Clarity Call today to learn more about HIPAA Prime!
HIPAA Prime Our service, HIPAA Prime, offers a structured path towards compliance, including crucial steps like a Risk Assessment and subsequent reviews. This process not only enhances your cybersecurity but also stands as evidence of your commitment to HIPAA compliance. The post What is Access Control in terms of HIPAA?
For instance, at the time of his interview with Healthcare IT News, de Zwirek noted that it had taken him a full hour to book an appointment to get himself and his family tested for COVID-19 after an exposure, "with 12 different phone calls." But he said bundling workflows into the portal inevitably creates friction.
Healthcare IT News interviewed Dr. Richard Tytus, associate clinical professor at McMaster University and cofounder and medical director of Banty, a vendor of a HIPAA-compliant video platform used for telemedicine. Clinics would ask these patients to book an online appointment and go through the process.
To ensure the protection of sensitive information related to Substance Use Disorder (SUD) patients, the US Department of Health and Human Services and The Substance Abuse and Mental Health Services Administration (HHS and SAMHSA) collaborated to create the HIPAA Drug and Alcohol Records Law, also known as 42 CFR Part 2.
You may have been wondering if this means you’ll have to do something about “HIPAA”. This means you need to be HIPAA compliant as an employer. HIPAA compliance means having a plan. Here are three common pitfalls to look out for in your HIPAA Compliance Plan: 1.
Chapter 5 of my book, HealthConsuming: From Health Consumer to Health Citizen, details the promise of digital health: wearable, shareable and virtual. Dr. Eric Topol recommended this in his book, The Patient Will See You Now. There are mobile apps and remote health monitors, digital therapeutics and wearable tech from head-to-toe.
The lawsuit claims UIHC manages or controls two websites that are used for booking appointments, locating treatment facilities and physicians, and registering patients for events and classes. The post University of Iowa Hospitals and Clinics Sued for Unlawful Disclosures of PHI to Facebook appeared first on HIPAA Journal.
That could include things like requiring a password manager, multi-factor authentication (MFA), and taking HIPAA training every year. Since publication of these incidents is required, it is less and less possible to claim ignorance of the importance of being HIPAA compliant.
In this blog post, we review nine email encryption vendors (Barracuda, Egress, Hushmail, Indentillect, LuxSci, MailHippo, NeoCertified, Protected Trust, ProtonMail, Rmail, & Virtru) who provide HIPAA compliant email encryption services that will keep your information safe when in transit. Setup takes less than 30 minutes.
IKS’s cloud-based, HIPAA-compliant platform integrates with all EHR and Enterprise Practice Management systems. “Our award-winning solutions have been recognized by KLAS and Black Book as market-leading, highlighting our ability to drive superior outcomes for our clients. India, Australia, Canada, and the U.K.
I called this out in my 2019 book, HealthConsuming: from health consumer to health citizen. This is particularly concerning when personal health data is downloaded to an app that may fall out of the protection of HIPAA. This study re-confirms the current state of the health consumer who has a “concerned embrace” of technology.
The plaintiff used the Spring Fertility website to book a consultation while maintaining accounts on Facebook and LinkedIn. The post LinkedIn, Meta, and Healthcare Companies Sued for Using Tracking Tools appeared first on The HIPAA Journal.
Meanwhile, healthcare staff are drowning in relentless scheduling calls and laborious booking procedures that leave them exhausted and burnt out. This means the burden still falls on overburdened staff members to book complicated appointments that EHR templates can’t automate. Clearly, the current system isn’t working for anybody.
Everyone has heard of HIPAA, which was enacted to protect patients’ health information from disclosure without their consent or knowledge. Dr. Kapa has published over 200 peer-reviewed articles and book chapters, given hundreds of guest lectures, and filed over 30 patents that serve as the foundation for healthcare startups.