By Matthew Fisher – The OCR announced yet another settlement action involving the HIPAA Right of Access. It is a reminder that right of access remains a focal point for OCR even though cyberattacks formed the basis for settlements announced earlier in 2024.
Read More
By Art Gross – In a groundbreaking development, the U.S. Department of Health and Human Services has reached a settlement with Lafourche Medical Group, a Louisiana-based medical facility, following a phishing cyberattack that compromised the electronic protected health information of nearly 35,000 patients.
By Art Gross – In a watershed moment for the healthcare industry, the U.S. Department of Health and Human Services’ Office for Civil Rights, recently finalized a $100,000 settlement with Doctors’ Management Services, a Massachusetts-based medical management company.
By Matt Fisher – The Office for Civil Rights is stepping up its attention to cyberattacks impacting healthcare organizations. After years of attacks impacting operations and the privacy of patient information, OCR is now flexing its HIPAA enforcement muscles on that front.
By Matt Fisher – Maintaining and protecting privacy for patients and healthcare information is important and necessary at all times. The requirement for keeping privacy applies no matter the circumstances, which can mean in the middle of a pandemic. The most recent HIPAA settlement announced by the Office for Civil Rights provides that reminder.
By Matt Fisher – The drumbeat of settlements from the Office for Civil Rights around the individual right of access continues. The most recent settlement offers a different reminder than the previous settlements. This time, the settlement impacted a health insurance company.
By Art Gross – A recent investigation by the OCR alleges that several security guards from Yakima Valley Memorial Hospital impermissibly accessed the medical records of 419 individuals. This incident highlights the importance of maintaining strict protocols and vigilant oversight.
By Matt Fisher – Snooping into medical records is a long established privacy concern. It is one of the classic examples of how a data breach can occur because it trades on an individual’s natural curiosity that must be contained. Despite snooping being a widely known concern, it still occurs.
By Matt Fisher – Social media and healthcare can be a productive combination, but not when patient information is involved. The power and reach of social media are nothing new, nor is the concern about the ready ability to spread misinformation.