HIPAA, Licensing and Medicaid - Health Care Compliance Brief

OCR will ease restrictions on telehealth tech during COVID-19

Healthcare IT News - Telehealth

MARCH 18, 2020

The HHS Office for Civil Rights announced on Tuesday that during the coronavirus pandemic it will use discretion when enforcing HIPAA-compliance for telehealth communications tools. " Wherever possible, providers should use telehealth tools from vendors that are HIPAA compliant and will enter into business-associate agreements, said OCR.

COVID-19

COVID-19 HIPAA Nursing Homes Medicare

What sort of staying power does telehealth really have?

Healthcare IT News - Telehealth

JUNE 15, 2020

This past week, Centers for Medicare and Medicaid Services Administrator Seema Verma said she "can't imagine going back" to making beneficiaries return to in-person visits after the agency's relaxation of telehealth regulations in response to the coronavirus pandemic.

Telemedicine

Telemedicine Licensing HIPAA COVID-19

ILS Data Breach Affects Almost 21K Iowan Medicaid Recipients

HIPAA Journal

APRIL 14, 2023

The Iowa Department of Health and Human Services (DHHS) has confirmed that the personal information of 20,800 Iowans who receive Medicaid was exposed in a cyberattack at a subcontractor of one of its business associates between June 30, 2022, and July 5, 2022. Telligen performs annual assessments on Medicaid recipients for the Iowa DHSS.

Medicaid

Medicaid Medicaid Ransomware HIPAA

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

HIPAA Journal

JUNE 8, 2023

The Iowa Department of Health and Human Services has announced there have been three separate breaches of the protected health information of Iowa Medicaid recipients in the past two months – two hacking incidents and an impermissible disclosure, all three of which involved third-party contractors.

Medicaid

Medicaid Medicaid Ransomware Health Insurance

Preventing Non-Compliance Consequences in Healthcare

Verisys

MARCH 6, 2025

Department of Health and Human Services (HHS) Enforces regulations like the Health Insurance Portability and Accountability Act (HIPAA) to ensure patient data privacy and security. In another case, Californias Providence Medical Institute was fined $240,000 for violating HIPAA Security Rules, which led to a data breach. Sources: ADA.

Compliance

Compliance HIPAA Licensing Governance

2024 DOJ False Claims Act Settlements in Healthcare Recover $1.67B

Compliancy Group

JANUARY 23, 2025

billion in recuperated funds account for federal losses, many cases also involved Medicaid losses at the state level, in which the federal government was instrumental in aiding recovery efforts. While the $1.67 Gregory Gerber: $4.7M Allegations that he issued prescriptions without a medical need for opioids and other controlled substances.

Fraud

Fraud Medicare Medicare Regulatory Compliance

Teletherapy Billing: A Comprehensive Guide for Providers

Medisys Compliance

DECEMBER 24, 2024

Medicare Reimbursement Medicare covers teletherapy under specific guidelines: Eligible Providers: Includes licensed clinical social workers (LCSWs), clinical psychologists, and other licensed professionals. Check state-specific Medicaid guidelines to ensure compliance. HIPAA-compliant Zoom) and any technical difficulties.

Medical Billing Outsourcing

Medical Billing Outsourcing Medicaid Medicaid Medical Billing

The Most Common HIPAA Violations You Should Avoid

HIPAA Journal

JANUARY 2, 2023

The settlements pursued by the Department of Health and Human Services’ Office for Civil Rights (OCR) are for egregious violations of HIPAA Rules. Settlements are also pursued to highlight common HIPAA violations to raise awareness of the need to comply with specific aspects of HIPAA Rules. Are Data Breaches HIPAA Violations?

HIPAA

HIPAA Compliance Hospitals Medicare

Telehealth's post-COVID challenge: integrating in-person care

Healthcare IT News - Telehealth

JUNE 3, 2020

He noted the moves by the Centers for Medicare and Medicaid Services to reimburse providers for services and allow telehealth care between states , and the relaxed HIPAA regulations around technology use , as important contributors to the uptick in telehealth availability.

Telemedicine

Telemedicine COVID-19 HIPAA Medicare

Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services

HIPAA Journal

JULY 4, 2024

SkinCure Oncology has notified 13,434 patients about an email attack that occurred in June 2023, and the Wisconsin Department of Health Services has announced a breach of the personal information of 19,150 Medicaid recipients. The helpline is manned Monday to Friday from 8:00 a.m. to 5:30 p.m. Central Time. Central Time.

Medicaid

Medicaid Medicaid Fraud Licensing

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

HIPAA Journal

FEBRUARY 16, 2022

The system contained patients’ names, birth dates, insurance card numbers, driver’s license numbers, and copies of patients’ insurance cards and driver’s licenses. The post Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital appeared first on HIPAA Journal.

Ransomware

Ransomware Hospitals Licensing HIPAA

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

HIPAA Journal

OCTOBER 7, 2022

On August 5, 2022, Anthem discovered that an unauthorized individual had gained access to a database and downloaded files containing plan members’ protected health information, including names, addresses, dates of birth, phone numbers, email addresses, Medicare ID numbers, and Medicaid ID numbers.

HIPAA

HIPAA Health Insurance Medicaid Medicaid

What is HIPAA Enforcement Discretion?

HIPAA Journal

JUNE 26, 2023

HIPAA enforcement discretion occurs when the Secretary for Health and Human Services (HHS) announces the Department will exercise discretion in the enforcement of HIPAA Rules. Typically, Notices of Enforcement Discretion last between 72 hours and 60 days, are state or region-specific and apply to specific provisions of the HIPAA Rules.

HIPAA

HIPAA COVID-19 COVID-19 Vaccine Public Health

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

HIPAA Journal

OCTOBER 17, 2022

The exposed information included names, dates of birth, Social Security numbers, driver’s license numbers, clinical/diagnosis information, health insurance member ID numbers, medical record numbers, and Medicare or Medicaid numbers. Valle De Sol said it has not received any reports from patients to suggest any misuse of their data.

Health Insurance

Health Insurance Licensing Fraud HIPAA

The COVID-19 crisis has 'forced people into virtual mediums,' says Summus CEO

Healthcare IT News - Telehealth

SEPTEMBER 9, 2020

"If you're not licensed in that state, you can't practice medicine through a virtual medium in a non-COVID world," he said. He also pointed to the easing of HIPAA restrictions by the U.S. "It's a different legal arrangement." Department of Health and Human Services Office of Civil Rights.

COVID-19

COVID-19 Doctors HIPAA Telemedicine

Solara Medical Supplies $9.76 Million Data Breach Settlement Gets Preliminary Approval

HIPAA Journal

MAY 19, 2022

Million Data Breach Settlement Gets Preliminary Approval appeared first on HIPAA Journal. The breach was reported to the HHS’ Office for Civil Rights as affecting 114,007 individuals. The post Solara Medical Supplies $9.76

Licensing

Licensing HIPAA Health Insurance Medicaid

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

HIPAA Journal

SEPTEMBER 9, 2022

Those emails contained patient information such as names, dates of birth, Social Security numbers, medical information, health insurance information, driver’s license numbers, and state ID numbers. appeared first on HIPAA Journal. The information exposed varied from patient to patient.

Licensing

Licensing Health Insurance Fraud HIPAA

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

HIPAA Journal

MARCH 14, 2022

A subset of patients also had their Social Security numbers, driver’s license numbers, and/or financial account information exposed. The post Capital Region Medical Center and Labette Health Announce Potential PHI Breaches appeared first on HIPAA Journal.

Electronic Medical Records

Electronic Medical Records Health Insurance HIPAA Licensing

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

HIPAA Journal

MARCH 25, 2022

The files contained first and last names, Social Security numbers, drivers’ license information, dates of birth, health insurance information, medical treatment information, and financial account information. The attached file contained information such as member names, ID numbers, Medicare/Medicaid numbers, and dates of birth.

Health Insurance

Health Insurance Licensing Ransomware Fraud

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

HIPAA Journal

MARCH 10, 2022

Individuals whose Social Security number, driver’s license, state identification number, or financial account information may have been involved have been offered complimentary credit monitoring services. The post 6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks appeared first on HIPAA Journal.

Ransomware

Ransomware Licensing Health Insurance HIPAA

Dental Health Management Solutions Notified Patients About Historic Data Breach

HIPAA Journal

MARCH 6, 2023

The types of information exposed varied from individual to individual and may have included names, addresses, medical information, health insurance information, Medicaid identification numbers, driver’s licenses, account and routing numbers, and Social Security numbers.

Electronic Medical Records

Electronic Medical Records HIPAA Licensing Nurses

Great Valley Cardiology Notifies 181,700+ Individuals About PHI Exposure

HIPAA Journal

JUNE 16, 2023

Further information on the data breach has been covered by The HIPAA Journal here. The letters included Medicaid benefit information, although only around 200 of the 5,800 individuals affected had either their Medicare health insurance claim number (HICN) or Social Security number disclosed.

Medicaid

Medicaid Medicaid HIPAA Health Insurance

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

HIPAA Journal

MAY 25, 2022

The post SAC Health Theft Incident and Multiple Ransomware Attacks Reported appeared first on HIPAA Journal. Lifespan said multiple layers of protection were in place, and additional security measures have now been implemented.

Ransomware

Ransomware Fraud HIPAA Licensing

Automating Your OIG LEIE Exclusion Search

Compliancy Group

NOVEMBER 25, 2024

Providers can appear on this list for a range of reasons varying from convictions related to Medicare or Medicaid fraud or even cases of patient abuse or licensing issues. In cases like this, checking the employee’s information against Medicaid databases could also be helpful.

Compliance

Compliance Fraud Medicaid Medicaid

What's ahead for health IT policy and legislation in 2023

Healthcare IT News - Telehealth

JANUARY 23, 2023

In 2023, HIMSS will not only be working to prop up telehealth further with really strong data on how these services help patients to achieve broader reform, but will also work at the state level with licensing boards to discuss how telemedicine can reach more patients. Part 2 – with HIPAA.

Medicare

Medicare Medicare Governance Medicaid

235,000 Keystone Health Patients Affected by August 2022 Cyberattack

HIPAA Journal

OCTOBER 18, 2022

Prompt notification is a requirement of the HIPAA Breach Notification Rule and is important for patients, as it allows them to take appropriate steps to protect themselves against misuse of their information. The post 235,000 Keystone Health Patients Affected by August 2022 Cyberattack appeared first on HIPAA Journal.

HIPAA

HIPAA Health Insurance Licensing Medicaid

Ransomware Attack on Medical Associates of the Lehigh Valley Affects 75K Patients

HIPAA Journal

SEPTEMBER 14, 2022

The files contained names, addresses, email addresses, birth dates, Social Security numbers, driver’s license numbers, state ID numbers, health insurance provider names, medical diagnoses, treatment information, medications, and lab results. The types of information exposed in the attack varied from patient to patient.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Eliminating the Manual Approach to the New York Medicaid Exclusion List

Compliancy Group

JANUARY 3, 2025

There are a variety of reasons that a provider can end up on this list, from committing fraud, providing care with a suspended license, or being involved in patient abuse cases. Aside from monetary losses, employing or contracting someone on these exclusion lists can result in the loss of Medicaid reimbursements. There has been a 4.2%

Medicaid

Medicaid Medicaid Compliance Fraud

Everything You Need To Know About NPI Numbers

Verisys

NOVEMBER 8, 2023

CMS.gov The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the creation of a standard, unique health identifier for healthcare providers, which the NPI satisfies. While health plans may use other numbers internally, the NPI is mandatory for HIPAA transactions.

Fraud

Fraud HIPAA Medicare Medicare

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

HIPAA Journal

APRIL 13, 2022

The post Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches appeared first on HIPAA Journal. This post will be updated when further information becomes available.

Ransomware

Ransomware HIPAA Licensing Health Insurance

559,000 Individuals Affected by Murfreesboro Medical Clinic & SurgiCenter Cyberattack

HIPAA Journal

JULY 4, 2023

Affected individuals had one or more of the following exposed: name, address, driver’s license number, health insurance information, medical information, date of birth, and Social Security number. The post 559,000 Individuals Affected by Murfreesboro Medical Clinic & SurgiCenter Cyberattack appeared first on HIPAA Journal.

Medicaid

Medicaid Medicaid Health Insurance Licensing

Interview: Caroline Cook, Privacy Consultant, GDH Government Consulting Services

HIPAA Journal

NOVEMBER 17, 2022

HIPAA Journal is conducting interviews with healthcare professionals and service providers to find out more about their compliance journeys, how the HIPAA Rules have affected their working lives, and the successes and challenges they have faced with HIPAA compliance. When did you first get involved with HIPAA compliance?

Governance

Governance HIPAA Compliance Nursing Homes

Up to 11 Million Health Records Compromised in Cyberattack on Government Contractor

HIPAA Journal

JULY 31, 2023

The Department of Health and Human Services’ Centers for Medicare and Medicaid Services (CMS) has confirmed that the PHI of approximately 612,000 current Medicare recipients was exposed in this incident and up to 645,000 individuals in total. The CMS said it is working with Maximus to provide notice to the affected individuals.

Governance

Governance Medicare Medicare Ransomware

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

HIPAA Journal

MAY 16, 2022

The post Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack appeared first on HIPAA Journal. RiverKids said additional email security measures have been implemented to prevent further security incidents.

Health Insurance

Health Insurance Ransomware HIPAA Licensing

Hackensack Meridian Health shows the benefits of telepsychiatry

Healthcare IT News - Telehealth

MARCH 29, 2022

With a shortage of physicians to address the growing need for care, a lack of providers who accept Medicaid, and access issues due to transportation or office hour challenges, healthcare organizations are looking to technology to help bridge the gap. Addressing the increasing need for behavioral health services is a nationwide challenge.

COVID-19

COVID-19 Nursing Homes Nurses Licensing

Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice

HIPAA Journal

NOVEMBER 12, 2024

The post Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice appeared first on The HIPAA Journal. The breach has recently been reported to the HHS’ Office for Civil Rights as affecting 500 individuals.

Health Insurance

Health Insurance Fraud Licensing HIPAA

Good Samaritan Hospital Settles Class Action Data Breach Lawsuit

HIPAA Journal

JUNE 28, 2023

The post Good Samaritan Hospital Settles Class Action Data Breach Lawsuit appeared first on HIPAA Journal. A lawsuit – Young, et al. The class members were represented by Joshua B Swigart of Swigart Law Group AFC and Gayle M Blatt of Casey Gerry Schenk Francavilla Blatt & Penfield LLP.

Hospitals

Hospitals Fraud Licensing HIPAA

Telehealth Startup OpenLoop Raises $15 Million to Streamline Virtual Care Delivery

Healthcare IT Today

MARCH 27, 2023

Their API-driven platform can be aligned to meet brand needs and securely houses patient PII with its built in HIPAA compliance software. Clinicians can manage appointments, write prescriptions, chart notes and handle booking and payments all in one place.

Licensing

Licensing Health Outcomes Medicaid Medicaid

Data Breaches Reported by WV and CO Healthcare Providers and NJ Medical Billing Administrator

HIPAA Journal

APRIL 8, 2022

The post Data Breaches Reported by WV and CO Healthcare Providers and NJ Medical Billing Administrator appeared first on HIPAA Journal. CPP has issued notification letters to affected individuals and is offering complimentary identity theft protection services.

Medical Billing

Medical Billing Licensing Health Insurance Medicaid

New York Provider of Administrative Anesthesiology Services Facing Multiple Class Action Data Breach Lawsuits

HIPAA Journal

NOVEMBER 15, 2022

– over the data breach that allege the company was negligent for failing to implement appropriate safeguards to ensure the confidentiality, integrity, and availability of patient information, that Somnia failed to comply with FTC guidelines and the HIPAA Rules and had not followed industry standards for data security.

HIPAA

HIPAA Fraud Licensing Health Insurance

Health & Palliative Services of the Treasure Coast & Universal Health Corporation Suffer Email Breaches

HIPAA Journal

NOVEMBER 12, 2024

The post Health & Palliative Services of the Treasure Coast & Universal Health Corporation Suffer Email Breaches appeared first on The HIPAA Journal. Universal Health Corporation is reviewing its data security policies and procedures and has implemented additional safeguards to prevent similar breaches in the future.

HIPAA

HIPAA Licensing Health Insurance Medicaid

LockBit Ransomware Group Threatens to Publish Stolen Cancer Patient Data

HIPAA Journal

AUGUST 8, 2023

Precision Anesthesia Billing LLC Reports Breach of the PHI of 209,200 Individuals The Tampa, FL-based HIPAA business associate, Precision Anesthesia Billing LLC (PAB), reported a breach of the protected health information of 209,200 individuals to the HHS’ Office for Civil Rights on July 7, 2023.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Email Breaches Reported by Cardiac Imaging Associates & Centerstone of Tennessee

HIPAA Journal

OCTOBER 11, 2022

The post Email Breaches Reported by Cardiac Imaging Associates & Centerstone of Tennessee appeared first on HIPAA Journal. It was not possible to determine if any emails or file attachments were opened or acquired by the attacker.

Licensing

Licensing HIPAA Health Insurance Medicaid

One RPM expert's take on why the tech is needed alongside telehealth

Healthcare IT News - Telehealth

OCTOBER 20, 2021

Early on in the pandemic, the Centers for Medicare & Medicaid Services (CMS) extended telehealth waivers that helped bring virtual care services into the mainstream. From that point forward, all health systems will need to have a HIPAA-compliant solution at the ready.

COVID-19

COVID-19 Hospitals Telemedicine Licensing

OCR will ease restrictions on telehealth tech during COVID-19

What sort of staying power does telehealth really have?

Trending Sources

ILS Data Breach Affects Almost 21K Iowan Medicaid Recipients

Multiple Data Breaches Reported by Iowa Medicaid and South Jersey Behavioral Health Resources

Preventing Non-Compliance Consequences in Healthcare

2024 DOJ False Claims Act Settlements in Healthcare Recover $1.67B

Teletherapy Billing: A Comprehensive Guide for Providers

The Most Common HIPAA Violations You Should Avoid

Telehealth's post-COVID challenge: integrating in-person care

Email Breaches Reported by SkinCure Oncology & the Wisconsin Department of Health Services

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

PHI Exposed in Data Incidents at Anthem, WellMed Medical Management and CareOregon

What is HIPAA Enforcement Discretion?

70,000 Valle del Sol Community Health Patients Affected by Cyberattack

The COVID-19 crisis has 'forced people into virtual mediums,' says Summus CEO

Solara Medical Supplies $9.76 Million Data Breach Settlement Gets Preliminary Approval

Data Breaches Reported by Henderson & Walton Women’s Center & Genesis Health Care Inc.

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

Email Incidents Reported by Ultimate Care, CareOregon Advantage, and University Medical Center Southern Nevada

6 Healthcare Providers and Business Associates Report Hacks and Ransomware Attacks

Dental Health Management Solutions Notified Patients About Historic Data Breach

Great Valley Cardiology Notifies 181,700+ Individuals About PHI Exposure

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Automating Your OIG LEIE Exclusion Search

What's ahead for health IT policy and legislation in 2023

235,000 Keystone Health Patients Affected by August 2022 Cyberattack

Ransomware Attack on Medical Associates of the Lehigh Valley Affects 75K Patients

Eliminating the Manual Approach to the New York Medicaid Exclusion List

Everything You Need To Know About NPI Numbers

Resources for Human Development, WellStar Health & Central Vermont Eye Care Announce Data Breaches

559,000 Individuals Affected by Murfreesboro Medical Clinic & SurgiCenter Cyberattack

Interview: Caroline Cook, Privacy Consultant, GDH Government Consulting Services

Up to 11 Million Health Records Compromised in Cyberattack on Government Contractor

Refuah Health Center Alerts 260K Patients About May 2021 Cyberattack

Hackensack Meridian Health shows the benefits of telepsychiatry

Data Breaches Announced by New Jersey Rehabilitation Center & Rhode Island Orthopedic Practice

Good Samaritan Hospital Settles Class Action Data Breach Lawsuit

Telehealth Startup OpenLoop Raises $15 Million to Streamline Virtual Care Delivery

Data Breaches Reported by WV and CO Healthcare Providers and NJ Medical Billing Administrator

New York Provider of Administrative Anesthesiology Services Facing Multiple Class Action Data Breach Lawsuits

Health & Palliative Services of the Treasure Coast & Universal Health Corporation Suffer Email Breaches

LockBit Ransomware Group Threatens to Publish Stolen Cancer Patient Data

Email Breaches Reported by Cardiac Imaging Associates & Centerstone of Tennessee

One RPM expert's take on why the tech is needed alongside telehealth

Stay Connected