By Matt Fisher – The OCR at the Department of Health and Human Services sent out an email on February 2, 2016 to announce the launch of a cyber-awareness for the healthcare industry. OCR recognizes the danger faced by healthcare from an array of bad actors and the need to spread information.
Read More
By Matt Fisher – With the start of a new year, it seems like a good time to take stock of privacy of healthcare information, which is currently a very hot topic. As was discussed in great detail, 2015 saw a continuing explosion of breaches concerning healthcare information, which put both privacy and security in the limelight.
The GetMyHealthData Campaign is commending the U.S. Department of Health and Human Services (HHS) for offering new guidance on patients’ rights to access their health records under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule.
Last month Congress passed a cybersecurity bill as part of the 2016 Omnibus budget. The bill formalizes the information sharing process among industry and government and recognizes the importance of a healthcare industry specific cybersecurity approach.
By Steve Spearman – The Office of Civil Rights (OCR) has issued a press release saying that following a security breach, Massachusetts-based Lahey Hospital and Medical Group has agreed to a settlement with OCR that requires it to pay $850,000 and make a “robust” corrective plan to restructure its HIPAA compliance strategy.
By Matt Fisher – A Shakespearean Tangle: The current state of medical data is very complicated. The amount of medical data being created is exploding all of the time. The explosion is being facilitated by the always increasing number of ways of creating it and a broadening array of people or entities how want access to it.
By Art Gross – The Computer Fraud and Abuse Act CFAA is not a very widely known piece of federal legislation but could help companies that have been victims of employee or ex-employee theft of digital information. According to an article over at Fox Rothschild LLP the CFAA can be used to help companies that have had employees or ex-employees steal or access unauthorized information.
By Kirk J Nahra – By now, most people have felt the effects of the HIPAA Privacy Rule (from the Health Insurance Portability and Accountability Act). HIPAA has set the primary standard for the privacy of healthcare information in the United States since the rule went into effect in 2003.
By Art Gross – The Department of Health and Human Services Office of Inspector General has issued a report that is critical of the Office for Civil Rights. OIG concluded that OCR is not fulfilling its responsibility to enforce HIPAA regulations that safeguard protected health information (PHI) and to ensure that organizations protect patient’s privacy.