Health Insurance, HIPAA and Medicaid - Health Care Compliance Brief

Audit of the Connecticut Health Insurance Exchange Uncovers 44 Unreported Data Breaches

HIPAA Journal

APRIL 6, 2022

An audit of Connecticut’s Health Insurance Exchange, Access Health CT, by the state auditor has revealed Access Health CT suffered 44 data breaches over the last 3.5 Access Health CT said it is also strengthening its internal purchasing policies and procedures and will be revising its contract procurement policy.

Health Insurance

Health Insurance HIPAA Medicaid Medicaid

What is HIPAA?

HIPAA Journal

FEBRUARY 23, 2022

What is HIPAA? HIPAA is an acronym for the Health Insurance Portability and Accountability Act. When the Health Insurance Portability and Accountability Act was passed by Congress in 1996, the establishment of federal standards for safeguarding PHI was not one of the primary objectives.

HIPAA

HIPAA Fraud Health Insurance Medicaid

What is a HIPAA Violation?

HIPAA Journal

DECEMBER 31, 2022

To best answer the question what is a HIPAA violation, it is necessary to explain what HIPAA is, who it applies to, and what constitutes a violation; for although most people believe they know what a HIPAA compliance violation is, evidence suggests otherwise. What is HIPAA and Who Does It Apply To?

HIPAA

HIPAA Due Diligence Compliance Fraud

Comply with Privacy Rights to Avoid Unconsented Intimate Exams

AIHC

NOVEMBER 12, 2024

This article addresses how these privacy rights extend beyond rules designated under HIPAA and States passing rules banning unauthorized pelvic exams. 1],[2] UIEs are training and education-related examinations, including, but not limited to, pelvic, breast, prostate, and rectal examinations.

Informed Consent

Informed Consent HIPAA Compliance Hospitals

Settlement Agreed with Florida Children’s Health Insurance Website Contractor to Resolve False Claims Act Allegations

HIPAA Journal

MARCH 15, 2023

The United States Department of Justice has agreed to settle alleged False Claims Act violations with Jelly Bean Communications Design LLC and manager Jeremy Spinks related to the failure to protect HIPAA-covered data. FHKC is a state-created entity that offers health and dental insurance to children in Florida between the ages of 5 and 18.

Health Insurance

Health Insurance HIPAA Due Diligence Fraud

Clarifying the HIPAA Retention Requirements

HIPAA Journal

MARCH 31, 2023

The reason the HIPAA retention requirements needs clarifying is that the distinction between HIPAA medical records retention and HIPAA record retention can be confusing. Throughout the Administrative Simplification Regulations of HIPAA, there are several references to HIPAA data retention.

HIPAA

HIPAA Medicare Medicare Compliance

ILS Data Breach Affects Almost 21K Iowan Medicaid Recipients

HIPAA Journal

APRIL 14, 2023

The Iowa Department of Health and Human Services (DHHS) has confirmed that the personal information of 20,800 Iowans who receive Medicaid was exposed in a cyberattack at a subcontractor of one of its business associates between June 30, 2022, and July 5, 2022. It is currently unclear how many individuals have been affected.

Medicaid

Medicaid Medicaid Ransomware HIPAA

10 Charged Over BEC Scams Targeting Medicare, Medicaid, and Private Insurance Programs

HIPAA Journal

NOVEMBER 21, 2022

million being defrauded from Medicaid, Medicare, and private health insurance programs. Five state Medicaid programs, two Medicare Administrative Contractors, and two private health insurers were tricked into changing the bank account details for payments. million, and $6.4 million, and $6.4

Medicaid

Medicaid Medicaid Medicare Medicare

How to Conduct Effective Compliance Audits

American Medical Compliance

OCTOBER 25, 2024

For instance, an individual who unknowingly violates HIPAA will pay a $100 fine per violation with an annual maximum of $25,000 for those who repeat violation, according to the National Institutes of Health. When conducted effectively, these audits can help healthcare providers avoid costly penalties.

Compliance

Compliance Fraud Compliance Framework HIPAA

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

HIPAA Journal

JUNE 8, 2023

The Iowa Department of Health and Human Services has announced there have been three separate breaches of the protected health information of Iowa Medicaid recipients in the past two months – two hacking incidents and an impermissible disclosure, all three of which involved third-party contractors.

Medicaid

Medicaid Medicaid Ransomware Health Insurance

HIPAA and Modern Healthcare Realities: Dispelling Data Sharing Myths

HIT Consultant

JULY 22, 2024

Timi Leslie, President, BluePath Health and Exec Director of the Connecting for Better Health Coalition Myths in healthcare data sharing often cloud the understanding of permissible practices, but this hesitance usually stems from risk avoidance rather than regulatory constraints.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Agencies Call on Group Health Plan Sponsors to Extend Special Enrollment Period for Medicaid Redeterminations

Compliance Now

AUGUST 10, 2023

As background, according to federal Health Insurance Portability and Accountability Act (HIPAA) rules, individuals have 60 days from losing CHIP and Medicaid eligibility to elect coverage under their group plan. The real potential of this number growing daily is what has prompted the Agencies to issue this “request.”

Medicaid

Medicaid Medicaid Compliance COVID-19

Agencies Call on Group Health Plan Sponsors to Extend Special Enrollment Period for Medicaid Redeterminations

Compliance Now

AUGUST 10, 2023

As background, according to federal Health Insurance Portability and Accountability Act (HIPAA) rules, individuals have 60 days from losing CHIP and Medicaid eligibility to elect coverage under their group plan. The real potential of this number growing daily is what has prompted the Agencies to issue this “request.”

Medicaid

Medicaid Medicaid Compliance COVID-19

What did the HIPAA Omnibus Rule Mandate?

HIPAA Journal

JANUARY 12, 2024

The HIPAA Omnibus Rule mandated modifications to the Privacy, Security, and Enforcement Rules in order to adopt measures passed in the HITECH Act, finalized the Breach Notification Rule, and added standards to account for the passage of the GINA Act. Strengthen the limitations on uses and disclosures of Protected Health Information.

HIPAA

HIPAA Compliance Health Insurance Medicaid

Editorial: 5 Gaps in HIPAA and How They Are Being Filled

HIPAA Journal

OCTOBER 21, 2022

There are – and always have been – gaps in HIPAA and, after more than a quarter of a century, some have yet to be addressed. Most of the gaps in HIPAA are attributable to omissions from the original Act, provisions of HIPAA and HITECH that have never been enacted, and the increasing use of technology in healthcare.

HIPAA

HIPAA Compliance Medicare Medicare

Lawsuits Increasing Following HIPAA Breaches

Compliancy Group

MAY 27, 2022

Almost as surely as summer follows spring, lawsuits follow breaches of protected health information. Here’s a roundup of recent HIPAA breach lawsuits and settlements. Lawsuits Increasing Following HIPAA Breaches – Facts and Figures. Let’s Simplify Compliance HIPAA and cybersecurity go hand-in-hand.

HIPAA

HIPAA Ransomware Hospitals Health Insurance

The Most Common HIPAA Violations You Should Avoid

HIPAA Journal

JANUARY 2, 2023

The settlements pursued by the Department of Health and Human Services’ Office for Civil Rights (OCR) are for egregious violations of HIPAA Rules. Settlements are also pursued to highlight common HIPAA violations to raise awareness of the need to comply with specific aspects of HIPAA Rules.

HIPAA

HIPAA Compliance Hospitals Medicare

An Overview of Healthcare Compliance Laws and Regulations

Compliancy Group

NOVEMBER 1, 2024

HIPAA The Health Insurance Portability and Accountability Act (HIPAA) requires protecting the security and privacy of medical records and all patient data. Healthcare compliance under HIPAA includes adhering to the Security Rule, which covers the handling, maintenance, and sharing of PHI.

Compliance

Compliance HIPAA Electronic Medical Records Fraud

Health Data Analytics Firm Reports 1.1-Million Record MSP Data Breach

HIPAA Journal

APRIL 29, 2024

Berry, Dunn, McNeil & Parker, LLC (BerryDunn) provides health data analytics services to healthcare providers, health insurers, and government regulatory and healthcare policy agencies and its clients provide BerryDunn with personal and health data to allow the firm to perform its contracted services.

Health Insurance

Health Insurance Health Analytics HIPAA Medicaid

Senators call for CMS to provide plan for telehealth changes

Healthcare IT News - Telehealth

JULY 2, 2020

Secretary of Health and Human Services Alex Azar and Centers for Medicare and Medicaid Services Administrator Seema Verma to provide a written plan for permanent changes to Medicare, Medicaid and Children’s Health Insurance Program rules around telehealth.

COVID-19

COVID-19 Medicare Medicare Medicaid

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

HIPAA Journal

OCTOBER 7, 2022

On August 5, 2022, Anthem discovered that an unauthorized individual had gained access to a database and downloaded files containing plan members’ protected health information, including names, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, and Medicaid ID numbers.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Preventing Non-Compliance Consequences in Healthcare

Verisys

MARCH 6, 2025

Department of Health and Human Services (HHS) Enforces regulations like the Health Insurance Portability and Accountability Act (HIPAA) to ensure patient data privacy and security. In another case, Californias Providence Medical Institute was fined $240,000 for violating HIPAA Security Rules, which led to a data breach.

Compliance

Compliance HIPAA Licensing Governance

Johns Hopkins Medicine Confirms More Than 310,400 Individuals Affected by MOVEit Hack

HIPAA Journal

AUGUST 14, 2023

Several other HIPAA-regulated entities have confirmed that they have been affected. The Colorado Department of Health Care Policy and Financing , which oversees the state’s Medicaid program and the Child Health Plan Plus (CHP+) program, was also affected.

Medicaid

Medicaid Medicaid HIPAA Health Insurance

Regulatory Compliance For Healthcare Organizations

Electronic Health Reporter

APRIL 8, 2020

Even so, it’s the Health Insurance Portability and Accountability Act (HIPAA) that gets the most […]. By Jordan MacAvoy, vice president of marketing, Reciprocity Labs. There are several regulatory compliance requirements that healthcare organizations must follow.

Regulatory Compliance

Regulatory Compliance Compliance HIPAA Health Insurance

Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services

HIPAA Journal

JULY 4, 2024

SkinCure Oncology has notified 13,434 patients about an email attack that occurred in June 2023, and the Wisconsin Department of Health Services has announced a breach of the personal information of 19,150 Medicaid recipients. SkinCure Oncology believes files in those email accounts were viewed and potentially obtained in the attack.

Medicaid

Medicaid Medicaid Fraud Licensing

Records of 4 Million Coloradans Compromised in MOVEit Transfer Attack

HIPAA Journal

AUGUST 14, 2023

The Colorado Department of Health Care Policy and Financing (HCPF), which oversees the state’s Medicaid program and the Child Health Plan Plus (CHP+) program, has recently confirmed that the protected health information of 4,091,794 individuals was compromised.

Medicaid

Medicaid Medicaid HIPAA Health Insurance

Hackers Gained Access to Files Containing the PHI of 115,670 South Shore Hospital Patients

HIPAA Journal

FEBRUARY 15, 2022

The post Hackers Gained Access to Files Containing the PHI of 115,670 South Shore Hospital Patients appeared first on HIPAA Journal. Spencer Gifts said it is reviewing its security policies and procedures and further electronic security features will be implemented.

Hospitals

Hospitals Health Insurance HIPAA Medicaid

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

HIPAA Journal

MARCH 14, 2022

CRMC said at this stage of the investigation it does not appear that the attackers gained access to its electronic medical record database; however, the files accessed or potentially accessed by the attackers included information such as patient names, addresses, birth dates, medical information, and health insurance information.

Electronic Medical Records

Electronic Medical Records Health Insurance HIPAA Licensing

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

The exposed information included names, dates of birth, Social Security numbers, driver’s license numbers, clinical/diagnosis information, health insurance member ID numbers, medical record numbers, and Medicare or Medicaid numbers. No evidence of data theft or misuse of information has been detected.

Health Insurance

Health Insurance Licensing Fraud HIPAA

HIPAA Transactions and Code Sets Rules

HIPAA Journal

JULY 3, 2024

The HIPAA transactions and code sets rules have the objective of replacing non-standard descriptions of healthcare activities with standard formats for each type of activity in order to streamline administrative processes, lower operating costs, and improve the quality of data. Health Care Claims Status.

HIPAA

HIPAA Medicaid Medicaid Compliance

Protecting the Consumer at the Heart of DTC Precision Medicine

Bill of Health

OCTOBER 27, 2023

In the context of health, let alone highly sophisticated cell signaling and microenvironment data, the web gets even more tangled. The HIPAA Problem The privatization of next-generation medical technologies, especially in regenerative and precision medicine, further muddies the data-protection waters.

HIPAA

HIPAA FDA Informed Consent Health Insurance

Great Valley Cardiology Notifies 181,700+ Individuals About PHI Exposure

HIPAA Journal

JUNE 16, 2023

Further information on the data breach has been covered by The HIPAA Journal here. The letters included Medicaid benefit information, although only around 200 of the 5,800 individuals affected had either their Medicare health insurance claim number (HICN) or Social Security number disclosed.

Medicaid

Medicaid Medicaid HIPAA Health Insurance

More Than 4 Million Individuals Affected by Cyberattack on Independent Living Systems

HIPAA Journal

MARCH 15, 2023

The post More Than 4 Million Individuals Affected by Cyberattack on Independent Living Systems appeared first on HIPAA Journal. The types of information varied from individual to individual.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

AHA discovered the email breach in early September 2021 and determined on December 2, 2021, that files containing the protected health information of its healthcare provider clients had been accessed. UMC was a victim of a REvil ransomware attack in June 2021 that resulted in the theft of the protected health information of 1.3

Health Insurance

Health Insurance Licensing Ransomware Fraud

HIPAA Rules and Regulations

HIPAA Journal

JULY 4, 2024

The HIPAA rules and regulations are the standards and implementation specifications adopted by federal agencies to streamline healthcare transactions and protect the privacy and security of individually identifiable health information. These instructions evolved into what many consider to be the HIPAA Rules and Regulations.

HIPAA

HIPAA Compliance Fraud Medicare

Solara Medical Supplies $9.76 Million Data Breach Settlement Gets Preliminary Approval

HIPAA Journal

MAY 19, 2022

Million Data Breach Settlement Gets Preliminary Approval appeared first on HIPAA Journal. The breach was reported to the HHS’ Office for Civil Rights as affecting 114,007 individuals. The post Solara Medical Supplies $9.76

Licensing

Licensing HIPAA Health Insurance Medicaid

HIPAA Compliance for Behavioral Health Billing

Medisys Compliance

APRIL 24, 2024

Introduction As a behavioral health provider, protecting your patients’ privacy must be your top priority. The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that safeguards the privacy of individuals’ health information, including mental health and substance abuse treatment records.

HIPAA

HIPAA Compliance Medical Billing Outsourcing Medical Billing

AHA, AMA, BCBSA Urge CMS Not to Adopt Proposed Standards for Healthcare Attachments

HIPAA Journal

JULY 28, 2023

The HHS’ Centers for Medicare and Medicaid Services (CMS) is being urged not to implement the proposed standards for prior authorization attachments, as detailed in its December 2022 Notice of Proposed Rulemaking (NPR). As such, the AHA, AMA, and BCBSA strongly advise against the adoption of the standards for prior authorization attachments.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

Cyberattacks Reported by Independent Case Management & Conifer Health Solutions

HIPAA Journal

AUGUST 18, 2022

The investigation confirmed that only 3 servers were affected, and they contained information such as names, addresses, dates of birth, Social Security numbers, health records, insurance plan and payment information, Medicaid numbers, and medical and health records. Some employee files were also stored on the servers.

Ransomware

Ransomware HIPAA Health Insurance Medicaid

235,000 Keystone Health Patients Affected by August 2022 Cyberattack

HIPAA Journal

OCTOBER 18, 2022

Prompt notification is a requirement of the HIPAA Breach Notification Rule and is important for patients, as it allows them to take appropriate steps to protect themselves against misuse of their information. The post 235,000 Keystone Health Patients Affected by August 2022 Cyberattack appeared first on HIPAA Journal.

HIPAA

HIPAA Health Insurance Licensing Medicaid

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

HIPAA Journal

SEPTEMBER 9, 2022

Those emails contained patient information such as names, dates of birth, Social Security numbers, medical information, health insurance information, driver’s license numbers, and state ID numbers. The post Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

Licensing

Licensing Health Insurance Fraud HIPAA

Change Healthcare Breach, Plus 12 Other Massive Breaches in 2024

Compliancy Group

JANUARY 31, 2025

The Office for Civil Rights (OCR) states, Regulated entities are not permitted to use tracking technologies in a manner that would result in impermissible disclosures of PHI to tracking technology vendors or any other violations of the HIPAA Rules. The rules on tracking technology are tricky. HealthEquity 4.3 The damage?

Ransomware

Ransomware HIPAA Medicare Medicare

Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice

HIPAA Journal

NOVEMBER 12, 2024

The affected systems contained information such as names, addresses, dates of birth, billing and claims information, health insurance claims information, diagnoses, medications, test results, x-ray images, and other treatment information. Passwords were reset and policies and procedures have been reviewed.

Health Insurance

Health Insurance Fraud Licensing HIPAA

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

The files exfiltrated from its systems included the protected health information of patients. Assisted by a third-party cybersecurity firm, APTG determined on January 7, 2022, that files containing the protected health information of 14,970 patients may have been exfiltrated from its network between December 23, 2021, and December 28, 2021.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Audit of the Connecticut Health Insurance Exchange Uncovers 44 Unreported Data Breaches

What is HIPAA?

Trending Sources

What is a HIPAA Violation?

Comply with Privacy Rights to Avoid Unconsented Intimate Exams

Settlement Agreed with Florida Children’s Health Insurance Website Contractor to Resolve False Claims Act Allegations

Clarifying the HIPAA Retention Requirements

ILS Data Breach Affects Almost 21K Iowan Medicaid Recipients

10 Charged Over BEC Scams Targeting Medicare, Medicaid, and Private Insurance Programs

How to Conduct Effective Compliance Audits

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

HIPAA and Modern Healthcare Realities: Dispelling Data Sharing Myths

Agencies Call on Group Health Plan Sponsors to Extend Special Enrollment Period for Medicaid Redeterminations

Agencies Call on Group Health Plan Sponsors to Extend Special Enrollment Period for Medicaid Redeterminations

What did the HIPAA Omnibus Rule Mandate?

Editorial: 5 Gaps in HIPAA and How They Are Being Filled

Lawsuits Increasing Following HIPAA Breaches

The Most Common HIPAA Violations You Should Avoid

An Overview of Healthcare Compliance Laws and Regulations

Health Data Analytics Firm Reports 1.1-Million Record MSP Data Breach

Senators call for CMS to provide plan for telehealth changes

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

Preventing Non-Compliance Consequences in Healthcare

Johns Hopkins Medicine Confirms More Than 310,400 Individuals Affected by MOVEit Hack

Regulatory Compliance For Healthcare Organizations

Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services

Records of 4 Million Coloradans Compromised in MOVEit Transfer Attack

Hackers Gained Access to Files Containing the PHI of 115,670 South Shore Hospital Patients

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Transactions and Code Sets Rules

Protecting the Consumer at the Heart of DTC Precision Medicine

Great Valley Cardiology Notifies 181,700+ Individuals About PHI Exposure

More Than 4 Million Individuals Affected by Cyberattack on Independent Living Systems

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Rules and Regulations

Solara Medical Supplies $9.76 Million Data Breach Settlement Gets Preliminary Approval

HIPAA Compliance for Behavioral Health Billing

AHA, AMA, BCBSA Urge CMS Not to Adopt Proposed Standards for Healthcare Attachments

Cyberattacks Reported by Independent Case Management & Conifer Health Solutions

235,000 Keystone Health Patients Affected by August 2022 Cyberattack

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

Change Healthcare Breach, Plus 12 Other Massive Breaches in 2024

Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

Stay Connected