By Art Gross -How do you identify the vaccinated from the non-vaccinated? A vaccination passport is a way of verifying that the user or carrier identified within it has been vaccinated – or not. Does it violate HIPAA? No.Read More
Data Privacy and Security
By Art Gross – We have seen the healthcare industry rise to the occasion this past year. Telehealth does offer a viable solution for many people who cannot travel outside of their homes, and at the same time, it offers a safe solution to anyone who is COVID-19 cautious.
By Paul Nadrag – By now, all hospitals and health systems are aware of ransomware-related cyberattacks where a hacker will gain control of a computer network, data center or cloud server and encrypt the data, effectively blocking access until a ransom is paid.
By Devin Partida – The Office for Civil Rights has issued a notice of enforcement regarding HIPAA regulations and COVID-19 vaccine-scheduling apps. The update states that the OCR won’t impose HIPAA noncompliance penalties related to good-faith use of these services.
By Matt Fisher – After a bit longer of a delay than was initially expected, the Department of Health and Human Services released a proposed rule to change pieces of HIPAA. The proposed rule is the outcome from a request for information that closed in February of 2019, where HHS posed a number of questions mostly focused on how HIPAA interacts with value based care goals.
By Art Gross – While the world might still be in varying states of chaos with regard to a multitude of topics, when it comes to HIPAA fines and enforcement of regulations, things are getting back on track.
By Matt Fisher – The debate around privacy that had been forefront of mind for many prior to COVID-19 disrupting everything has not gone away. Instead, privacy has been simmering in the background, every so often be thrust into the spotlight during the course of the pandemic.
By Matt Fisher – Continuing a hot streak in the fall of 2020, the Office for Civil Rights announced another HIPAA settlement with a business associate on September 23, 2020. The $2,300,000 fine was imposed on a business associate following a months long cyberattack that resulted in the exfiltration of data for more than 6 million patients.