News

General Data Protection Regulation (GDPR) Compliance

HIPAA Journal published an article online this week regarding General Data Protection Regulation (GDPR) Compliance. Their article states that the goal of their short piece is to provide a checklist for companies or businesses who are concerned with GDPR compliance. Their list should permit such entities to take initial steps in order to comply with GDPR and to note that it is not intended to be a comprehensive guide, more so a few “rules of thumb” to take into account in order to get started.

For more information and to view the full article visit HIPAA Journal’s website here.

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net.

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net or follow us on Facebook at https://www.facebook.com/hipaanews.

 

Doc Vader on ER Misuse

Here is another clip of Doc Vader doing what he does best, putting a smile on your face. This time discussing the misuse of the ER. Click the video below to watch!

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net 

 

HIPAA Privacy Complaints

HIPPA Complaint

HIPAA Journal published an article online this week addressing client HIPAA violation complaints and whether or not health care providers are equipped to properly address these complaints. According to the article, in order for an efficient response to be conducted, policies should be developed covering the complaints procedure and staff must be trained to handle HIPAA privacy complaints correctly. Also, patients must also be clearly informed how they can make a HIPAA privacy complaint if they feel that their privacy has been violated or HIPAA Rules have been breached. This should be clearly stated in your Notice of Privacy Practices.

For more information and to view the full article visit HIPAA Journal’s website here.

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net.

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net or follow us on Facebook at https://www.facebook.com/hipaanews.

2017 is Raising the Bar for Annual HIPAA Breaches

HIPAA News

This week MSPmentor published an article online regarding the current pace of HIPAA breaches potentially doubling that of 2016. According to the article, the 66 percent increase – thus far – is driven by a sharp rise in the number of incidents designated as “Hacking/IT Incident,” which were up 82 percent, to 104 in 2017. The second most common cause for a HIPAA breach this year was unauthorized access or disclosure, which totaled 69 cases. An MSPmentor review of records maintained by the U.S. Department of Health and Human Services Office of Civil Rights (OCR) suggests hackers are stepping up attacks against healthcare targets, which hold the holy grail of data: Detailed medical information.

For the full article visit MSPmentor’s website here.

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net.

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net or follow us on Facebook at https://www.facebook.com/hipaanews.

Ensuring Availability of HIPAA During Natural Disasters

This week Mondaq published an article online regarding the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reminded health care providers of the importance of ensuring the availability and security of health information during and after natural disasters.

According to the article, OCR recently published a bulletin during Hurricane Harvey discussing how the HIPAA Privacy Rule applies to sharing protected health information (PHI) during natural disasters. Recirculated while Irma was looming, the guidance document reminds health care providers that HHS may waive sanctions and penalties against a covered hospital for certain activities (e.g., obtaining a patient’s agreement before speaking with family or friends involved in the patient’s care) during an emergency. However, the waiver is limited to certain hospitals located within an emergency area and for a specific period of time. More importantly, OCR noted in the bulletin that the Privacy Rule still applies to covered entities and their business associates during such emergencies, but the Privacy Rule does allow the disclosure of PHI without the patient’s consent for the patient’s treatment or public health activities. Covered entities may also share PHI with a patient’s family or friends identified by the patient as being involved in their care, but OCR recommends that the covered entities obtain verbal permission or otherwise confirm that the patient does not object to sharing the information with these individuals.

For the full article visit Mondaq’s website here.

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net or follow us on Facebook at https://www.facebook.com/hipaanews

How Secure Is Your Laptop?

Laptop

Let’s just say if your laptop has access to confidential patient information, it might make sense to have your i’s dotted and your t’s crossed when it comes to laptop security. MSPmentor reported this week that a Pennsylvania provider was fined $2.5 million dollars when a laptop containing patient information was stolen and hacked into, causing their second data breach. The first breach occurred in 2012 and little information was released. Make sure your IT security is doing everything they can to protect all of your patients on all of your devices. For the full article visit MSP Mentor’s website here.

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net 

$400,000 HIPAA Breach Penalty In Denver, Colorado

MSP Mentor recently posted an article stating a network of public health clinics in the Denver, Colorado have been fined $400,000 for HIPAA data breaches. The breaches occurred through phishing (aka email hacking), gaining electronic health records of over 3,000 patients.

“Investigators from the U.S. Department of Health and Human Services Office of Civil Rights (OCR) found that MCPN violated the HIPAA Security Rule by failing to do proper risk assessments or implement adequate cybersecurity measures and procedures.” To view the entire article, visit here.

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net 

 

 

Can HIPAA Violations Occur Through Our Smart Watches or Fitbits?

CSO Online published an article discussing the “10 Security Risks of Wearables”. The article presents an informative breakdown of the security risks wearables potentially bring into the work environment.

“IT should treat wearables like any other computing device on their network, Manzuik says. ‘When possible, consider segregating IoT devices to their own network and don’t connect them directly to the internet.’ Because some IoT devices have ‘a history of poor security,’ organizations should keep these devices on a dedicated network that doesn’t provide any access to internal resources, such as a guest Wi-Fi network…”

To read the full article on CSO Online’s website click here.

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net 

Health Records and Cybercriminals

E Commerce Times recently posted an article titled, “Why are Health Records so Valuable to Cybercriminals?” The article describes why cybercriminals like to target electronic health records (EHR) and explains how HIPAA does, and at times does not, protect EHRs. To check out the full article visit: http://www.ecommercetimes.com/story/84417.html 

For daily HIPPA News visit our HIPAA News sidebar at https://hipaanews.net

If you would like to receive an email update every time HIPAA news posts a blog, sign up on our website at https://hipaanews.net