Throughout the reporting period, downloaders were among the most commonly observed threats. Downloaders are malicious software that often masquerade as legitimate digital documents and executables and are used to download a range of other malicious software. The ZIP files contain an executable file that delivers QakBot.
A critical job of compliance officers is handling HIPAA documentation, which makes it possible to provide employee training, outline correct procedures, and prove compliance with healthcare regulations. Patient consent form: Although not required by HIPAA, this form obtains the patient's written informed consent for treatment.
This can lead to HIPAA violations, financial penalties, and loss of patient trust. Phishing attacks and cyber threats: Cybercriminals often trick employees into revealing login credentials or downloading malware through deceptive emails and fraudulent websites. The good news is that most data breaches are preventable.
AI-Powered Personalized Guidance: Ema is a HIPAA-secure conversational AI that provides mothers with: Curated and validated information: Unlike generic search engines or AI platforms, Ema draws from a comprehensive database of expert-backed content to offer trustworthy guidance on a wide range of maternal health topics.
Download our 30-minute webinar where we delve into real-life examples of HIPAA violations and preventative measures every organization should know! You will learn: The critical factors that lead to HIPAA violations and how to identify them. Three compelling real-life cases of organizations that faced severe HIPAA penalties.
A large percentage of those breaches could have been prevented if HIPAA-regulated entities were fully compliant with the HIPAA Security Rule. The HIPAA Security Rule requires regulated entities to implement a security management process to prevent, detect, contain, and fix security violations.
Throughout the text of the Health Insurance Portability and Accountability Act (HIPAA), a lot of content connects HIPAA law and employers. However, the most complex areas of HIPAA compliance for employers are the Administrative Simplification Regulations in Title II. When is an Employer a HIPAA-Covered Entity?
Covered Entities, and other organizations that are obligated by law to maintain HIPAA compliance, naturally have been curious as to whether they can use Gmail’s confidential mode to share sensitive data. And is it an effective, secure alternative to HIPAA compliant fax or efax protocols? Our HIPAA Prime™ program does all this and more!
More younger people would be interested in downloading personal health records compared with older people. Still, over 50% of consumers ages 56 to 74 would like to download their EHR data. This is particularly concerning when personal health data is downloaded to an app that may fall out of the protection of HIPAA.
HIPAA has been around for years, but that does not mean complying with HIPAA is easy. The Security Rule requires a HIPAA Security Risk Analysis - a task that is interdisciplinary, comprehensive, and detailed. Plus, HIPAA guidance and risks are continually changing - and so should your HIPAA training. About Scott.
HIPAA was enacted several years before social media networks such as Facebook and Instagram existed, so there are no specific HIPAA compliance rules for social media. There are many benefits to be gained from using social media if your organization is a HIPAA Covered Entity or Business Associate.
Diligent Corporation announced PII compromised, exposed UCHealth data According to a UCHealth announcement posted to its website January 17, "Diligent provides hosted services to UCHealth and reported to UCHealth that Diligent’s software was accessed and attachments were downloaded including UCHealth files."
The reason is that patients are now entitled to use Application Programming Interfaces to download their health data into their application of choice. Further reinforcing the original intent of HIPAA, this empowers patients to download their data and use […].
Users can build HIPAA-compliant healthcare applications, for example, and MOVEit controls data transfers with encryption, tracking and access controls. The company provides cloud and other services, which integrate with electronic health records and other systems, and a full stack for developing digital applications.
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that safeguards sensitive patient health information (PHI) from being disclosed. Up to now, HIPAA-compliant data security and generative AI haven’t gone hand-in-hand as AI is trained on large datasets centrally and often by third parties.
One of the questions we are sometimes asked is how to report a HIPAA violation anonymously. Consequently, it is not possible to report a HIPAA violation anonymously via the OCR Complaints Portal. You can download a complaint form, complete it, and send it to OCR by mail or as an email attachment.
The settlements pursued by the Department of Health and Human Services’ Office for Civil Rights (OCR) are for egregious violations of HIPAA Rules. Settlements are also pursued to highlight common HIPAA violations to raise awareness of the need to comply with specific aspects of HIPAA Rules. Are Data Breaches HIPAA Violations?
Cybersecurity threats and bad actors may pose the highest risk, but failure to incorporate new regulations (including the HIPAA 2024 final rules) into practical policies, staff training, and Business Associate Agreements (BAAs) can quickly lead to unintended breaches and civil liabilities.
HIPAA compliant text messaging apps protect sensitive data, like Protected Health Information (PHI) in transit. In this blog we will review several companies that provide HIPAA compliant text messaging, allowing secure texting of PHI. Each application has a free version for download.
The app is available in the Apple App Store and on Google Play, with the latter showing the app has been downloaded more than 50,000 times. The post Healthcare Staff Database with 86,000 Records Exposed Online appeared first on The HIPAA Journal. The non-password-protected database was linked to ESHYFT, which operates in 29 U.S.
The HHS’ Office for Civil Rights has issued a bulletin confirming that the use of third-party tracking technologies on websites, web applications, and mobile apps without a business associate agreement (BAA) is a HIPAA violation if the tracking technology collects and transmits individually identifiable health information.
The bulletin advises that “[r]egulated entities are not permitted to use tracking technologies in a manner that would result in impermissible disclosures of Protected Health Information (“PHI”) to tracking technology vendors or any other violations of the HIPAA Rules.”
A third-party digital forensics firm assisted with the investigation and confirmed that the account contents had been downloaded. The post Colorado Eye Clinic Investigating Suspected Ransomware Attack appeared first on The HIPAA Journal. On January 21, 2025, Meigs EMS identified unauthorized access to an employee email account.
The vulnerability can be exploited by sending a specially crafted .diagcab file via email or convincing a user to download the file from the Internet. .diagcab files are Cabinet files that include a diagnostic configuration file. The post DogWalk Zero-day Windows MSDT Vulnerability Gets Unofficial Patch appeared first on HIPAA Journal.
An investigation was launched which determined that between November 2, 2023, and March 29, 2024, the vendor accessed and downloaded information from a Kairos database. No Social Security numbers, driver’s license numbers, or financial account information were accessed or downloaded.
The HIPAA Security Rule requires HIPAA-regulated entities to conduct a comprehensive, organization-wide risk analysis to identify the risks and vulnerabilities to the confidentiality, integrity, and availability of electronic protected health information (ePHI). Risk analyses/assessments are vital for HIPAA compliance.
Athenahealth announced this week that it had launched an embedded telehealth tool to allow practitioners to conduct virtual visits without having to download separate software or use another third-party app. "When you introduce rapid change, that potential goes up rapidly," he said. ON THE RECORD.
The National HIPAA Summit is the leading forum on healthcare EDI, privacy, breach notification, confidentiality, data security, and HIPAA compliance, and the deadline for registration for the Virtual 40th National HIPAA Summit is fast approaching.
The average enterprise healthcare user interacts with 22 cloud apps a month, with 94% of enterprise healthcare users downloading data from cloud apps each month. Downloaders are also commonly distributed via cloud apps, followed by file-based exploits for exploiting known unpatched vulnerabilities, information stealers, and backdoors.
On June 25, 2022, a spokesperson for a threat group called DAIXIN Team contacted HIPAA Journal to share information about a ransomware attack and data theft incident at Fitzgibbon Hospital in Marshall, Missouri. DAIXIN Team was previously not known to HIPAA Journal and appears to be a new ransomware group.
The emails have an Evernote-themed lure to trick recipients into downloading a Trojan file that generates a login prompt to steal credentials. The link included in the email directs the user to the Evernote site, where they are prompted to download an HTML file – called message (3).html. Evernote Phishing Campaign. Source: HC3.
The only HIPAA-compliant vendor Upstate had immediate access to and currently was using was WebEx. also was used for some simple, one-to-one visits, since it offered a free trial to providers and did not require the patient to download an app. Also, WebEx facilitated HIPAA-compliant video chats with more than two attendees.
The forensic investigation found no evidence to suggest any of that information was viewed or downloaded, and no reports have been received of any instances of actual or attempted misuse of the data. The post Email Account Breaches Reported by Allaire Healthcare Group and Platinum Hospitalists appeared first on HIPAA Journal.
On August 5, 2022, Anthem discovered that an unauthorized individual had gained access to a database and downloaded files containing plan members’ protected health information, including names, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, and Medicaid ID numbers.
“The Caregility technology offered a HIPAA-compliant, two-way, audio/video solution,” said Tracey Kopenhaver, RN, eICU and cardiac ICU operations manager at Geisinger. “The technology was offered in a mobile app that could be downloaded to any mobile device.
The attached file includes a malicious hyperlink that directs the recipient to a Lark Docs site, which has an Adobe Cloud theme and offers a secure fax document from Xerox Scanner to download. The post Monkeypox Phishing Campaign Targets Healthcare Providers appeared first on HIPAA Journal.
Adhering to the Health Insurance Portability and Accountability Act (HIPAA) standards is crucial to uphold compliance and regulatory requirements for any health organization. What Is HIPAA? HIPAA, enacted in 1996, originally aimed to improve health insurance portability and reduce healthcare fraud.
Faxage is one of the companies that offer the service and claims to be HIPAA compliant. What Makes a Software Tool HIPAA Compliant? When it comes to software, there are specific indications of the tool’s HIPAA compliance. Software HIPAA compliance really boils down to two things. What Are HIPAA Safeguards?
When it happens, it is much easier to have a sample HIPAA breach notification letter on hand, rather than trying to create one in the moment. If you want to skip right to the sample HIPAA breach notification letter, here’s a link to both a ready-to-use HIPAA Breach Notification Policy and sample letter to patients.
The Health Insurance Portability and Accountability Act (HIPAA) requires a deep understanding of not only the law itself but also the HIPAA incident response requirements mandated by the Department of Health and Human Services’ Office of Civil Rights (OCR). What is a HIPAA Incident?
That information may have been ‘previewed’ by an unauthorized individual, although no evidence was found to suggest information had been accessed or downloaded. Between June 24, 2021, and July 2, 2021, emails and attachments in a Ciox Health employee’s email account were downloaded by an unauthorized individual.
If the group is unable to monetize the stolen data, the passwords for the archives are then published, which allows anyone to access and download the stolen data. The post HPH Sector Warned About Lorenz Ransomware Group appeared first on HIPAA Journal.
Guardant Health immediately removed the file when the error was discovered, and on March 4, 2024, it was confirmed that unidentified third parties downloaded the file between September 8, 2023, and February 28, 2024.