By Art Gross – In a cruel twist of fate, health care entities are being phished using an OCR (HHS Office of Civil Rights) email as the bait. Here is the context: HHS/OCR is the governmental entity in charge of enforcing the HIPAA statutes.
Read More
By Ebony Brice & Nick Heesters – As we mark National Cyber Security Awareness Month, the ONC and the HHS Office for Civil Rights have jointly launched an updated their HIPAA Security Risk Assessment Tool.
By Terry Edwards – At Becker’s Hospital Review Annual CIO/HIT + Revenue Cycle Summit I discussed the elements needed to truly secure clinical communications with some of the best minds in the healthcare world. With the recent high profile news stories on ransomware attacks in hospitals and health systems, security and the ability to secure clinical information is top of mind for many.
By Mike Semel – The Office for Civil Rights announced that the new permanent audit program has started. On July 11 letters were sent BY E-MAIL (check your junk mail folders!) to 167 health plans, health care providers, and health care clearing houses (all HIPAA Covered Entities) notifying them that they have to send in documentation for a ‘desk audit.’ They will have 10 days to send in the required materials for review.
By Art Gross – On September 2, 2015 The HHS Office of Civil Rights (OCR) issued a press release announcing a $750,000 HIPAA settlement with Cancer Care Group, P.C. This large fine offers some very important lessons. Let’s take a closer look:
By Matt Fisher – The rapid adoption of electronic health records (“EHR”) and other new technology in healthcare has resulted in the introduction of serious security threats. Numerous stories and reports have made it clear that hackers, criminals and others view the healthcare industry as a ripe target due to security vulnerabilities. This issue is exacerbated by the high value placed upon medical records in the black market.
By Mike Semel – When we think Cyber-Security we logically think about technology tools to block North Korean or Chinese hackers from breaking into our networks. Those breaches make the news because they are so unique. What is much more common are users doing stupid things that neutralize your investment in security tools.
By Lee Barrett – Some say there’s nothing like a little controversy to spark interest in your organization. Others say there’s no such thing as…
On Monday, December 8th, the Office for Civil Rights (“OCR”) at the Department of Health and Human Services announced another new HIPAA settlement. As with most recent settlements, the latest settlement is being used to set up an example of what not to do.