By Jonathan Krasner – Back in March, we reported that OCR had announced its Phase 2 Audit Program. OCR stated that they would compile a database of both Covered Entities and Business Associates to form the basis of the pool of organizations potentially targeted for audit. They have followed up on their intentions and in the last week organizations have started to receive contact emails from OCR.
Read More
By Jonathan Krasner – On April 27, CMS came out with a proposed rule on how physicians will get paid under MACRA. The new system is premised on tying physician payments to quality and value, and is directly related to the Triple Aim of providing better care, lower costs, and improved health.
By Art Gross – The topic of ransomware, especially ransomware hitting healthcare organizations, is making headlines daily. Dan Munro has a very good article over at Forbes that asks an important question: Is Ransomware Considered A Health Data Breach Under HIPAA?
By Jonathan Krasner – Although HIPAA is an important set of laws passed to protect the sensitive medical information handled by millions of covered entities and business associates, HHS Office for Civil Rights has never established a permanent compliance audit program.
By Art Gross – Last month a hospital in Hollywood, CA was a victim of a ransomware attack that left computers unusable for over a week. According to a ZDNet article, the Southern California hospital was unable to practice its usual day-to-day operations.
By Jonathan Krasner – At the end of the year all kinds of publications and organizations publish yearly summaries to review the events of the past 12 months. Much of the time this can be positive publicity for a celebrity, firm, organization or industry. In this case, for healthcare, it is decidedly negative. Why has IBM made this proclamation? According to a company report just released, over 100 million records were compromised in the first half of 2015.
By Art Gross – A recent study by the Ponemon Institute calculated the cost of a healthcare related data breach to be $363 per record. This was the highest amount across all industries. A financial data breach cost $215 per record and a retail data breach cost $165 per record.
By Art Gross – The Computer Fraud and Abuse Act CFAA is not a very widely known piece of federal legislation but could help companies that have been victims of employee or ex-employee theft of digital information. According to an article over at Fox Rothschild LLP the CFAA can be used to help companies that have had employees or ex-employees steal or access unauthorized information.
By Art Gross – The practice of medicine is a risky business. There is always the risk that a certain treatment will fail to help a patient. There is a risk of being accused of malpractice. There is a risk of being accused of incorrectly billing a patient, insurance company or government agency.