By Art Gross – The topic of ransomware, especially ransomware hitting healthcare organizations, is making headlines daily. Dan Munro has a very good article over at Forbes that asks an important question: Is Ransomware Considered A Health Data Breach Under HIPAA?
Read More
By Art Gross – Last month a hospital in Hollywood, CA was a victim of a ransomware attack that left computers unusable for over a week. According to a ZDNet article, the Southern California hospital was unable to practice its usual day-to-day operations.
By Art Gross – A recent study by the Ponemon Institute calculated the cost of a healthcare related data breach to be $363 per record. This was the highest amount across all industries. A financial data breach cost $215 per record and a retail data breach cost $165 per record.
By Art Gross – The Computer Fraud and Abuse Act CFAA is not a very widely known piece of federal legislation but could help companies that have been victims of employee or ex-employee theft of digital information. According to an article over at Fox Rothschild LLP the CFAA can be used to help companies that have had employees or ex-employees steal or access unauthorized information.
By Art Gross – The practice of medicine is a risky business. There is always the risk that a certain treatment will fail to help a patient. There is a risk of being accused of malpractice. There is a risk of being accused of incorrectly billing a patient, insurance company or government agency.
By Art Gross – The Department of Health and Human Services Office of Inspector General has issued a report that is critical of the Office for Civil Rights. OIG concluded that OCR is not fulfilling its responsibility to enforce HIPAA regulations that safeguard protected health information (PHI) and to ensure that organizations protect patient’s privacy.
By Art Gross – On September 2, 2015 The HHS Office of Civil Rights (OCR) issued a press release announcing a $750,000 HIPAA settlement with Cancer Care Group, P.C. This large fine offers some very important lessons. Let’s take a closer look:
By Art Gross – Now that the 2015 HIPAA Audits have begun, organizations are reevaluating their HIPAA compliance posture. This is a good thing being that an organization will have very little time to respond to pre-audit and audit inquiries from the Office of Civil Rights (OCR).