Download, Health Insurance and HIPAA - Health Care Compliance Brief

Your Organization’s Guide to Handling HIPAA Documents

Compliancy Group

DECEMBER 27, 2024

A critical job of compliance officers is handling HIPAA documentation, which makes it possible to provide employee training, outline correct procedures, and prove compliance with healthcare regulations. Patient consent form: Although not required by HIPAA, this form obtains the patients written informed consent for treatment.

HIPAA

HIPAA Compliance Informed Consent Compliance Officers

HIPAA Law and Employers

HIPAA Journal

JANUARY 1, 2023

Throughout the text of the Health Insurance Portability and Accountability Act (HIPAA) a lot of content connects HIPAA law and employers. However, the most complex areas of HIPAA compliance for employers are the Administrative Simplification Regulations in Title II. When is an Employer a HIPAA-Covered Entity?

HIPAA

HIPAA Compliance Health Insurance

Colorado Eye Clinic Investigating Suspected Ransomware Attack

HIPAA Journal

MARCH 25, 2025

A third-party digital forensics firm assisted with the investigation and confirmed that the account contents had been downloaded. The post Colorado Eye Clinic Investigating Suspected Ransomware Attack appeared first on The HIPAA Journal. On January 21, 2025, Meigs EMS identified unauthorized access to an employee email account.

Ransomware

Ransomware Licensing Electronic Medical Records Health Insurance

Webinars

Bridging Innovation & Patient Care: The Growing Role of AI

MORE WEBINARS

HIPAA Social Media Rules

HIPAA Journal

DECEMBER 31, 2022

HIPAA was enacted several years before social media networks such as Facebook and Instagram existed, so there are no specific HIPAA compliance rules for social media. There are many benefits to be gained from using social media if your organization is a HIPAA Covered Entity or Business Associate.

HIPAA

HIPAA Compliance Health Insurance Public Health

How Healthcare Communication Platforms Can Harness Generative AI in a HIPAA-Compliant Way

Healthcare IT Today

OCTOBER 20, 2023

The Health Insurance Portability and Accountability Act of 1996 ( HIPAA ) is a federal law that safeguards sensitive patient health information (PHI) from being disclosed. But, more importantly, know how to implement them in a HIPAA-compliant way to keep patients and their data safe.

HIPAA

HIPAA Informed Consent Nurses Compliance

HHS Warns HIPAA Covered Entities and Business Associates That Use of Website Cookies, Pixels and Other Tracking Technology May Violate HIPAA Rules

Health Law Advisor

DECEMBER 5, 2022

The bulletin advises that “[r]egulated entities are not permitted to use tracking technologies in a manner that would result in impermissible disclosures of Protected Health Information (“PHI”) to tracking technology vendors or any other violations of the HIPAA Rules.”

HIPAA

HIPAA Doctors Health Insurance Compliance

Protected Health Information Stolen in HealthEquity SharePoint Breach

HIPAA Journal

JULY 5, 2024

An investigation was launched which determined that between November 2, 2023, and March 29, 2024, the vendor accessed and downloaded information from a Kairos database. No Social Security numbers, driver’s license numbers, or financial account information were accessed or downloaded.

Licensing

Licensing HIPAA Health Insurance

The Most Common HIPAA Violations You Should Avoid

HIPAA Journal

JANUARY 2, 2023

The settlements pursued by the Department of Health and Human Services’ Office for Civil Rights (OCR) are for egregious violations of HIPAA Rules. Settlements are also pursued to highlight common HIPAA violations to raise awareness of the need to comply with specific aspects of HIPAA Rules.

HIPAA

HIPAA Compliance Hospitals Medicare

Fitzgibbon Hospital, Diskriter, Christiana Spine Center Suffer Ransomware Attacks

HIPAA Journal

JUNE 29, 2022

On June 25, 2022, a spokesperson for a threat group called DAIXIN Team contacted HIPAA Journal to share information about a ransomware attack and data theft incident at Fitzgibbon Hospital in Marshall, Missouri. DAIXIN Team was previously not known to HIPAA Journal and appears to be a new ransomware group.

Ransomware

Ransomware Hospitals HIPAA Health Insurance

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

HIPAA Journal

OCTOBER 7, 2022

On August 5, 2022, Anthem discovered that an unauthorized individual had gained access to a database and downloaded files containing plan members’ protected health information, including names, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, and Medicaid ID numbers.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Email Account Breaches Reported by Allaire Healthcare Group and Platinum Hospitalists

HIPAA Journal

JUNE 9, 2022

The forensic investigation found no evidence to suggest any of that information was viewed or downloaded, and no reports have been received of any instances of actual or attempted misuse of the data. The post Email Account Breaches Reported by Allaire Healthcare Group and Platinum Hospitalists appeared first on HIPAA Journal.

Licensing

Licensing HIPAA Health Insurance Hospitals

Hacking and IT Incidents Affect 563,000 Patients and Health Plan Members

HIPAA Journal

DECEMBER 1, 2022

An unauthorized individual was found to have gained access to its network and downloaded files containing the protected health information of 45,785 patients. California Health Insurance Agency Suffers Data Breach Affecting 14,600 Patients.

Health Insurance

Health Insurance Ransomware HIPAA Governance

Texas Retina Associates Cyberattack Affects 312,000 Patients

HIPAA Journal

JULY 3, 2024

The file review confirmed that the exposed data included first and last name, address, phone number, email address, birth date, gender, Social Security number, medical record number, clinical information, prescription information, medical information, health information, and health insurance information.

Ransomware

Ransomware Health Insurance Hospitals HIPAA

HIPAA Compliance Checklist For Healthcare Leaders

MedTrainer

JULY 25, 2024

Adhering to the Health Insurance Portability and Accountability Act (HIPAA) standards is crucial to uphold compliance and regulatory requirements for any health organization. What Is HIPAA? HIPAA, enacted in 1996, originally aimed to improve health insurance portability and reduce healthcare fraud.

HIPAA

HIPAA Compliance Health Insurance Fraud

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

HIPAA Journal

APRIL 1, 2022

Last week, SRHD confirmed that the email account contained the protected health information of 1,260 individuals. That information may have been ‘previewed’ by an unauthorized individual, although no evidence was found to suggest information had been accessed or downloaded.

Fraud

Fraud HIPAA Licensing Health Insurance

Email Account Breaches Reported by Newman Regional Health and Contra Costa County

HIPAA Journal

APRIL 18, 2022

numbers, financial account numbers, passport numbers, medical information, and/or health insurance information. While unauthorized email account access was confirmed, it was not possible to tell if any emails or attachments in the accounts had been viewed or downloaded.

Licensing

Licensing HIPAA Health Insurance Hospitals

Hackers Compromised Sharp HealthCare Web Server and Stole Patient Data

HIPAA Journal

FEBRUARY 8, 2023

During that time the third party downloaded a file that contained patient data. Financial information, contact information, dates of birth, Social Security numbers, health insurance information, or medical information were not accessed or stolen in the attack.

Medical Billing

Medical Billing HIPAA Health Insurance

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

The files exfiltrated from its systems included the protected health information of patients. Assisted by a third-party cybersecurity firm, APTG determined on January 7, 2022, that files containing the protected health information of 14,970 patients may have been exfiltrated from its network between December 23, 2021, and December 28, 2021.

Ransomware

Ransomware Licensing Health Insurance HIPAA

HIPAA Incident Response Requirements

MedTrainer

FEBRUARY 21, 2024

The Health Insurance Portability and Accountability Act (HIPAA) requires a deep understanding of not only the law itself but also the HIPAA incident response requirements mandated by the Department of Health and Human Services’ Office of Civil Rights (OCR). What is a HIPAA Incident?

HIPAA

HIPAA Compliance Health Insurance Compliance Officers

What is HIPAA Compliance in Healthcare?

MedTrainer

MARCH 8, 2024

The Health Insurance Portability and Accountability Act (HIPAA) stands as a pillar of modern healthcare, offering a framework for safeguarding sensitive patient data. So, “what is HIPAA compliance in healthcare? With ever-growing data breaches, HIPAA compliance is more crucial than ever. Anthem Inc.

HIPAA

HIPAA Compliance Electronic Medical Records Health Insurance

Change Healthcare Breach, Plus 12 Other Massive Breaches in 2024

Compliancy Group

JANUARY 31, 2025

The Office for Civil Rights (OCR) states, Regulated entities are not permitted to use tracking technologies in a manner that would result in impermissible disclosures of PHI to tracking technology vendors or any other violations of the HIPAA Rules. The rules on tracking technology are tricky. As a result, 5,599,699 patients were affected.

Ransomware

Ransomware HIPAA Medicare Medicare

Rise Interactive Media & Analytics, DotHouse Health, and Reventics Hacked

HIPAA Journal

FEBRUARY 16, 2023

While the investigation into the breach is ongoing, Edgepark Medical Supplies was informed that the files potentially accessed included names, email addresses, phone numbers, provider information, diagnoses, expected delivery dates, and health insurance information. The breach was confined to Rise Interactive’s systems.

HIPAA

HIPAA Health Insurance

What is a HIPAA Incident Response Plan?

MedTrainer

FEBRUARY 29, 2024

It’s bad enough when a healthcare organization exposes patient protected health information (PHI). But, it can get worse if employees aren’t familiar with their organization’s HIPAA incident response plan. There are countless such cases every year even though it is relatively easy to create a HIPAA incident response plan.

HIPAA

HIPAA Compliance Health Insurance Compliance Officers

Cyberattacks Reported by Bienville Orthopaedic Specialists and Just Kids Dental

HIPAA Journal

SEPTEMBER 8, 2023

For patients, the affected information included name, address, email, phone number(s), birth date, Social Security number, driver’s license number, health insurance policy information, treatment information including radiographic images, medical record number, account number, and health conditions.

Licensing

Licensing Ransomware Health Insurance HIPAA

November 8, 2023, Healthcare Data Breach Round-Up

HIPAA Journal

NOVEMBER 8, 2023

The compromised information included names, addresses, dates of birth, Social Security numbers, driver’s license numbers or state IDs, medical treatment information, and health insurance information. The post November 8, 2023, Healthcare Data Breach Round-Up appeared first on HIPAA Journal.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

HIPAA Journal

MAY 17, 2022

The review of the files revealed they mostly contained protected health information such as names, addresses, medical information, and/or health insurance information. Notification letters have now been sent to the 28,024 patients whose protected health information has potentially been compromised.

Health Insurance

Health Insurance Licensing Ransomware HIPAA

GNC Offers “Free Healthcare” — Telehealth, Generic Meds, and Loyalty in the Retail Health Ecosystem

Health Populi

JULY 24, 2023

In the program’s FAQs, one question clearly addresses this, transparently and in layperson’s terms: Q: “Do I need health insurance to use GNC Health?” ” A: “Nope — insurance isn’t needed or accepted.” Cost, cost, cost, cost, and cost — above quality of care.

Health Insurance

Health Insurance Medical Billing Licensing HIPAA

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

HIPAA Journal

JANUARY 27, 2023

The data potentially accessed included names, birth dates, Social Security numbers, financial information, driver’s license numbers, biometric information, diagnosis and treatment information, and health insurance information. This coincides with the 60-day reporting deadline of the HIPAA Breach Notification Rule.

Ransomware

Ransomware HIPAA Fraud Licensing

HIPAA Work From Home Checklist: How to Avoid Violations When Remote

Compliancy Group

MAY 5, 2023

As healthcare professionals continue to work from home, many are facing the challenge of ensuring that they remain HIPAA compliant in a remote environment. HIPAA (Health Insurance Portability and Accountability Act) is a federal law that requires healthcare providers to secure protected health information (PHI) and maintain its privacy.

HIPAA

HIPAA Compliance Health Insurance Doctors

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

HIPAA Journal

MARCH 21, 2022

As previously reported on this site, JDC Healthcare Management detected malware within its IT network on or around August 9, 2021, with the forensic investigation into the security breach confirming the malware was downloaded onto its systems on July 27, 2021. Further information on the data breach has now been obtained.

Ransomware

Ransomware Licensing HIPAA Health Insurance

28,000 Clarke County Hospital Patients Affected by April Cyberattack

HIPAA Journal

JUNE 1, 2023

The files potentially viewed or stolen included names, addresses, dates of birth, health insurance information, medical record numbers, and some health information. A review was conducted to determine if any files had potentially been downloaded to the laptop that could have been accessed.

Hospitals

Hospitals Electronic Medical Records HIPAA Health Insurance

Patient Data Compromised in 5 Hacking Incidents, Ransomware Attacks, and Break-ins

HIPAA Journal

NOVEMBER 17, 2022

New York-Presbyterian Hospital has recently announced that unauthorized individuals gained access to one of its servers and attempted to download sensitive data. The security system detected the intrusion on September 8, 2022, and successfully blocked the attempted download. The electronic record system was unaffected.

Ransomware

Ransomware Health Insurance Fraud HIPAA

How to Stay HIPAA Compliant with Audit Logs

Total HIPAA

OCTOBER 28, 2019

A newsletter on the importance of importance of HIPAA logging requirements states this: 1. HIPAA log retention is also crucial; if the hospital had not archived the logs, investigators could not have found the incriminating records. What HIPAA Security Rule Mandates. What HIPAA Security Rule Mandates.

HIPAA

HIPAA Compliance Fraud Hospitals

Hacking Incidents Reported by Chippewa County and Frideres Dental

HIPAA Journal

APRIL 7, 2023

The Chippewa County Human Resources Division in Wisconsin has recently discovered that the laptop computer of an employee has been compromised and 25-35MB of data was stolen from the device, including information protected under HIPAA. An unknown individual then used the application to access the computer.

Doctors

Doctors HIPAA Hospitals Health Insurance

Email Account Breaches Reported by Access TeleCare & Madison County, MS

HIPAA Journal

MARCH 19, 2025

During the two months, it is possible that emails and attachments were downloaded from the account. On February 17, 2025, external cybersecurity experts confirmed that an unauthorized third party accessed the email account between November 13 and November 17, 2024, Emails and attachments may have been viewed or downloaded during that time.

Licensing

Licensing Telemedicine HIPAA Health Insurance

COVID-19 Vaccination Statuses of 500,000 VA Employees have been Impermissibly Disclosed

HIPAA Journal

DECEMBER 7, 2022

The review of those files revealed they contained information such as names, Social Security numbers, driver’s license numbers, government-issued ID numbers, financial information, medical information, and health insurance information. Notification letters started to be sent to affected individuals on November 18, 2022.

COVID-19 Vaccine

COVID-19 Vaccine COVID-19 Department of Veterans Affairs Licensing

Americans Grew Digital Health-Data Muscles in the Pandemic – New Insights from the Pew Charitable Trusts

Health Populi

AUGUST 5, 2021

Nearly one-half of consumers said the pandemic compelled them to support provider sharing of data, 4 in 10 people embraced downloading data to apps, and one-third supported government standards to improve patient matching. One pillar of that trust is privacy. Patients in the U.S.

COVID-19

COVID-19 Federal Policy Doctors Public Health

Eye Care Leaders Breach: Ransomware Attack Claims New Victims

Compliancy Group

JUNE 29, 2022

The intruder accessed compromised information, including name, address, phone numbers, health insurance information, and medical information related to eye care services – protected health information. Download the free cybersecurity eBook to get tips on protecting your patient information. Email addresses.

Ransomware

Ransomware Electronic Medical Records HIPAA Health Insurance

Medtronic Alerts InPen App Users About Disclosures of Personal Data to Google

HIPAA Journal

APRIL 19, 2023

The latter includes a unique Medtronic Diabetes user identifier, unique numbers attributed to each instance the InPen App is downloaded to a particular device, and identifiers tied to a mobile device such as a MAID, IDFA, AAID, and/or IDFV.

HIPAA

HIPAA Health Insurance

Healthcare Data Security & Insurance Challenges and Solutions

Healthcare IT Today

JUNE 12, 2024

Federal guidelines like the Health Insurance Portability and Accountability Act (HIPAA) outline the responsibility of healthcare providers when it comes to creating, analyzing, and distributing Protected Health Information (PHI).

US Department of Health and Human Services

US Department of Health and Human Services Ransomware Health Insurance HIPAA

$200,000 Penalty for Impermissible Sharing of Premom App Users’ Health Data

HIPAA Journal

MAY 19, 2023

The app allows users to upload pictures of ovulation test strips that the app analyses to predict the user’s next ovulation cycle and the app allows users to upload health data from other devices and apps. The post $200,000 Penalty for Impermissible Sharing of Premom App Users’ Health Data appeared first on HIPAA Journal.

HIPAA

HIPAA Health Insurance

HITECH Compliance

AIHC

APRIL 10, 2024

HITECH is a critical aspect of the Health Insurance Portability & Accountability Act (HIPAA). Since 2009, HITECH has given “teeth” to HIPAA law. What’s the difference between HIPAA and HITECH? HIPAA guarantees patients access to their paper medical records. Understanding HIPAA is crucial.

Compliance

Compliance US Department of Health and Human Services HIPAA Electronic Medical Records

Everything You Need To Know About NPI Numbers

Verisys

NOVEMBER 8, 2023

CMS.gov The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the creation of a standard, unique health identifier for healthcare providers, which the NPI satisfies. Why Are NPI Numbers Necessary? Complete instructions are found on the CMS website.

Fraud

Fraud HIPAA Medicare Medicare

Peachtree Orthopedics Suffers Data Theft and Extortion Incident

HIPAA Journal

JUNE 8, 2023

The forensic investigation confirmed its systems had been accessed by an unauthorized individual between December 5, 2022, and December 21, 2022, and files had been downloaded. The post Peachtree Orthopedics Suffers Data Theft and Extortion Incident appeared first on HIPAA Journal.

Ransomware

Ransomware Hospitals Medical Billing HIPAA

Your Organization’s Guide to Handling HIPAA Documents

HIPAA Law and Employers

Webinars

Trending Sources

Colorado Eye Clinic Investigating Suspected Ransomware Attack

Webinars

HIPAA Social Media Rules

How Healthcare Communication Platforms Can Harness Generative AI in a HIPAA-Compliant Way

HHS Warns HIPAA Covered Entities and Business Associates That Use of Website Cookies, Pixels and Other Tracking Technology May Violate HIPAA Rules

Protected Health Information Stolen in HealthEquity SharePoint Breach

The Most Common HIPAA Violations You Should Avoid

Fitzgibbon Hospital, Diskriter, Christiana Spine Center Suffer Ransomware Attacks

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

Email Account Breaches Reported by Allaire Healthcare Group and Platinum Hospitalists

Hacking and IT Incidents Affect 563,000 Patients and Health Plan Members

Texas Retina Associates Cyberattack Affects 312,000 Patients

HIPAA Compliance Checklist For Healthcare Leaders

Spokane Regional Health District Announces Second Phishing Attack in 3 Months

Email Account Breaches Reported by Newman Regional Health and Contra Costa County

Hackers Compromised Sharp HealthCare Web Server and Stole Patient Data

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Incident Response Requirements

What is HIPAA Compliance in Healthcare?

Change Healthcare Breach, Plus 12 Other Massive Breaches in 2024

Rise Interactive Media & Analytics, DotHouse Health, and Reventics Hacked

What is a HIPAA Incident Response Plan?

Cyberattacks Reported by Bienville Orthopaedic Specialists and Just Kids Dental

November 8, 2023, Healthcare Data Breach Round-Up

Cyberattacks Reported by Schneck Medical Center, NuLife Med, & FPS Medical Center

GNC Offers “Free Healthcare” — Telehealth, Generic Meds, and Loyalty in the Retail Health Ecosystem

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

HIPAA Work From Home Checklist: How to Avoid Violations When Remote

JDC Healthcare Management Data Breach Affects More than 1 Million Texans

28,000 Clarke County Hospital Patients Affected by April Cyberattack

Patient Data Compromised in 5 Hacking Incidents, Ransomware Attacks, and Break-ins

How to Stay HIPAA Compliant with Audit Logs

Hacking Incidents Reported by Chippewa County and Frideres Dental

Email Account Breaches Reported by Access TeleCare & Madison County, MS

COVID-19 Vaccination Statuses of 500,000 VA Employees have been Impermissibly Disclosed

Americans Grew Digital Health-Data Muscles in the Pandemic – New Insights from the Pew Charitable Trusts

Eye Care Leaders Breach: Ransomware Attack Claims New Victims

Medtronic Alerts InPen App Users About Disclosures of Personal Data to Google

Healthcare Data Security & Insurance Challenges and Solutions

$200,000 Penalty for Impermissible Sharing of Premom App Users’ Health Data

HITECH Compliance

Everything You Need To Know About NPI Numbers

Peachtree Orthopedics Suffers Data Theft and Extortion Incident

Stay Connected