Health IT Security and Compliance

Systemic Noncompliance

By Art Gross – The story narrative varies slightly from episode to episode, but the outcome is generally the same. Pay a fine, make a plan, regret not doing this all in the first place. This isn’t some soap opera or Netflix binge-worthy series; this is real life and the characters are the healthcare industry and Office for Civil Rights.

Read More




Right to Access Enforcement Initiative

By Art Gross – In 2019, the Office for Civil Rights at the U.S. Department of Health and Human Services announced an initiative that they would make it a priority to enforce an individual’s right to access their health records in a timely manner and at a reasonable cost. This falls under the HIPAA Privacy Rule.




Head In the Sand Leads to HIPAA Fine

By Matt Fisher – Continuing a hot streak in the fall of 2020, the Office for Civil Rights announced another HIPAA settlement with a business associate on September 23, 2020. The $2,300,000 fine was imposed on a business associate following a months long cyberattack that resulted in the exfiltration of data for more than 6 million patients.