Proposed Changes Require Strong Cybersecurity The newly proposed changes to the 2013 HIPAA Security Rule published yesterday in the U.S. A risk analysis must include all systems, not only the systems that process health information, because other systems could be compromised to allow access to those containing health information.
Healthcare companies and providers can now store HIPAA-protected data in the HubSpot customer relationship management platform to automate workflows, connect teams with closed-loop reporting and create campaigns with personalized information, the company said Tuesday. The nexus of technology and HIPAA compliance has evolved, however.
On January 14, 2025, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a HIPAA phishing settlement with Solara Medical Supplies, LLC (Solara). In January 2020, Solara filed a second breach report informing OCR of the breach notification snafu. The full terms of the agreement can be found here.
The HHS Office for Civil Rights on Friday said it has settled nearly a dozen investigations of allegations of HIPAA Right of Access Initiative violations. The practice agreed to take corrective actions and paid $22,500 to settle a potential violation of the HIPAA Privacy Rule right of access standard. WHY IT MATTERS.
Gain insights into the importance of safeguarding PHI to protect patient privacy and learn about the severe consequences of HIPAA violations. Explore essential topics in this ebook, including what constitutes PHI and how to identify it using 18 indicators.
Mateusz Krempa, COO, Piwik PRO As healthcare providers increasingly embrace big data, they find themselves at a crossroads: the challenge of using relevant data to improve patient care while ensuring the highest levels of privacy and compliance with regulations like the Health Insurance Portability and Accountability Act (HIPAA).
Introduction In today’s digital age, protecting sensitive patient information (PHI) is a top priority for healthcare organizations. HIPAA compliance mandates stringent security measures, including robust email encryption services. Flexibility: Egress’s flexible deployment options cater to diverse organizational needs.
, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) settled a HIPAA ransomware cybersecurity investigation of Bryan County Ambulance Authority (BCAA). HIPAA Ransomware Cybersecurity Investigation: The Risk Analysis Initiative In late October of 2024, a conference was held in Washington, D.C. by the U.S.
In 2024, the Department of Health and Human Services (HHS) Office for Civil Rights announced a series of enforcement actions against entities that violated, or potentially violated, one or more HIPAA rules. This HIPAA 2024 Year in Review article discusses these actions. Monitor and safeguard its health information systems activity.
85% of practices are not complying with the government’s HIPAA standards. The large majority of practices are likely trying to protect patients’ information, but they may not be doing all that they need to meet government requirements. Not complying with HIPAA has definite drawbacks, with one major one being massive fines.
NESG agreed to settle allegations of noncompliance with the HIPAA security risk analysis violation. Details of the HIPAA risk analysis rule settlement are provided below. NESG concluded that the protected health information of 15,298 patients (NESG's entire patient population) had been encrypted and exfiltrated from its network.
Department of Health and Human Services Office of Civil Rights announced this week that it had brought HIPAA-related enforcement actions against five healthcare providers. The actions brought the total number of enforcements carried out under the agency's HIPAA Right of Access Initiative to 25. The provider was fined $32,150.
Rules and regulations are an integral part of life, especially in the world of healthcare where you are dealing with very sensitive information and situations. Currently, one such tricky area is health information management. Strict regulations govern the sharing of Protected Health Information (PHI) to safeguard patient privacy.
This capability, however, comes with a caveat: Neural data, capturing thoughts, emotions, and predispositions, is perhaps the most intimate form of personal information, capable of revealing unique information about [one's] physiology, health or mental states. In the U.S.,
Colington Consulting was established in 2013 and helps organizations achieve HIPAA compliance and ensures clients stay current with the latest enforcement trends. We provide a full range of HIPAA compliance services and consulting.
Along with creating a HIPAA-certified master patient index, the universal identity platform will allow SCHIO to integrate social determinants of health into patient records. The information includes housing, homelessness, mental health and substance abuse disorders, transportation, and food insecurity, according to the announcement.
Department of Health and Human Services issued a bulletin to highlight the obligations on covered entities and business associates under HIPAA's Privacy, Security and Breach Notification Rules when using online tracking technologies. HIPAA compliance obligations for regulated entities when using tracking technologies.
When understanding what practices are permissible under the Health Insurance Portability and Accountability Act (HIPAA), it makes sense to plan for various contingencies. For example, if a patient cannot provide written consent for releasing their protected health information (PHI), is verbal consent permitted for HIPAA?
Although payers are authorized to access data for treatment, payment, or operations (TPO) under HIPAA, the minimal necessary rule still applies. However, this practice can lead to unintended consequences, such as higher denial rates and unauthorized access to protected health information (PHI).
With data breaches rising, protecting sensitive information is essential for staying compliant and sustaining patients’ trust. When it comes to HIPAA compliance vs. ISO 27001, many businesses opt for both because the HIPAA Security Rule and the ISO 27001 framework can be used for data risk management.
However, with the shift to virtual care comes a critical responsibility: ensuring the security and privacy of patient information. The post Ensuring HIPAA Compliance in Telehealth Sessions appeared first on Health IT Answers.
Health and Human Services Office of Civil Rights rule regarding the use of online tracking tools is at odds with existing HIPAA rules and could cause meaningful harm to patients and public health. "Should requirements of such a duty be based on the sensitivity of collected data?"
The ability to transfer protected health information (PHI) is crucial to providing quality care and saving healthcare costs. There are several advantages to health information exchange, such as involving the right specialists in a patient's treatment. This article answers the question, What is health information exchange?
Introduction In today’s digital age, protecting sensitive patient information (PHI) is paramount for healthcare organizations. HIPAA compliance mandates stringent security measures, including the use of robust email encryption services. LuxSci offers a comprehensive solution tailored to the needs of healthcare businesses.
Introduction In today’s digital age, protecting sensitive patient information (PHI) is paramount for healthcare organizations. HIPAA compliance mandates stringent security measures, including the use of robust email encryption services. HIPAA Compliant eSign: Identillect’s eSign solution enables secure document signing.
A critical job of compliance officers is handling HIPAA documentation, which makes it possible to provide employee training, outline correct procedures, and prove compliance with healthcare regulations. Patients must acknowledge with a signature that they've received and understood this information.
Introduction In today’s digital age, safeguarding sensitive patient information (PHI) is paramount for healthcare organizations. HIPAA compliance mandates stringent security measures, including the use of robust email encryption services. Pricing Hushmail’s healthcare package pricing is as follows: One User: $9.99/month
The Change Healthcare breach in particular caused the exposure of the protected health information of as many as one in three Americans earlier this year. The post The Key to Fixing the HIPAA Auditing Process Collaboration appeared first on Health IT Answers.
In December of 2024, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a $250,000 settlement with Puerto Rico-based healthcare clearinghouse Inmediata Health Group, LLC (Inmediata), over the latter's potential HIPAA Privacy and Security Rule violations.
The company's customers can use the new Talkcast feature to generate and review a three-to-five minute, HIPAA-compliant episode before sending podcasts to clients aged 18 or over, according to the announcement. Therapeutic exercises can lead to better patient outcomes, the company said.
The American Hospital Association is taking exception at recently-updated rules from HHS Office for Civil Rights related to the use of online tracking tools by health systems and other HIPAA Covered Entities.
The healthcare sector, heavily regulated by statutes such as HIPAA and new cybersecurity guidelines like the Health Sector Cybersecurity Coordination Center (HSCC) Health Industry Cybersecurity Practices (HICP), now faces uncertainty. For example, HHS has interpreted HIPAA to require robust cybersecurity measures to protect patient data.
A patient information disclosure has impacted more than 3 million patients who use online virtual mental health platform Cerebral, according to the U.S. The unauthorized patient data disclosures may have also included appointment information, treatment notes, and insurance particulars for those that subscribed to the service.
The Health Insurance Portability and Accountability Act (HIPAA) requires all hospitals, medical practices, and healthcare organizations to follow federal guidelines to safeguard protected health information (PHI). Therefore, it is a federal requirement to report any violation of HIPAA.
There are multiple challenges that fall within maintaining HIPAA compliance, which is likely why at least 133 million patient records were exposed in 2023 alone. Healthcare organizations continue to face hurdles with HIPAA compliance, the primary difficulties being breach notification processes, security, and overall privacy.
Leaders from the Office of the National Coordinator for Health IT offered some help for healthcare organizations who will face broader information blocking compliance in 2022 – specifically with regard to the sharing of electronic health information, or EHI. Information must also meet the definition of a Designated Record Set.
There are various HIPAA control requirements, including administrative, physical, and technical safeguards. To help organizations implement and sustain these safeguards, HIPAA is made up of four primary rules. Those rules help healthcare businesses enhance and deploy HIPAA controls throughout their organization.
Making a HIPAA-compliant website doesn't have to mean rebuilding your existing website from scratch or paying for expensive web hosting. In this guide, we'll go over some of the website components that are required to be HIPAA compliant, focusing on what matters most and helping you to stay efficient and on budget.
Under HIPAA compliance, healthcare organizations must ensure that all communications, including fax, are secure and meet stringent standards. By modernizing these systems with cloud-based solutions, healthcare organizations can find a balance between HIPAA compliance and operational efficiency.
Of the community hospitals in the study that do reveal in their user privacy policies that they transfer data to third parties, about three-quarters noted user information would be used for advertising and marketing purposes while half disclosed the names of the third-party companies. The researchers also reported that 56.3%
In today's digital healthcare environment, protecting patient information is not just the responsibility of IT or compliance officers; it is a shared duty among all employees. A single mistake, such as sending an email to the wrong recipient or leaving a workstation unlocked, can expose sensitive information.
The California Consumer Privacy Act, passed in 2018, aims to give consumers more control over their online personal information. After interviewing 19 digital privacy and information system experts, researchers found that professionals perceived legal and technological challenges for healthcare organizations in complying with CCPA.
WHY IT MATTERS Published on April 19, the FAQ addresses HIPAA rules as it relates to the February 9 cybersecurity incident impacting Change Healthcare, a unit of UnitedHealth Group, which had a widespread impact on healthcare organizations across the United States.
The proposed rule would modify the HIPAA Security Rule to require health plans, health care clearinghouses, and most health care providers, and their business associates, to strengthen cybersecurity protections for individuals' protected health information.