By Matt Fisher – The drumbeat of settlement agreements for alleged HIPAA violations by the Office for Civil Rights is continuing along with the consistent finding that the required risk analysis did not occur. The consistent announcement of settlements offers regular reminders to the healthcare industry that OCR is watching and expecting compliance to improve.
Read More
By Matt Fisher – Imagine this scenario: an individual is suffering from substance use disorder and decides to seek help. A big reason for not getting treatment is reportedly not knowing how or where to get treatment, not being able to afford the treatment, and/or not finding a program or clinician where they wanted to be able to go.
By Matt Fisher – The risk to privacy and security of healthcare information, despite all of the headlines, does not only come from outside attackers. Inside threats are real and can go undetected for potentially longer periods of time.
By Matt Fisher – Whenever an entity subject to HIPAA experiences a data breach, notification must be given to the Office for Civil Rights. Once OCR receives notification of a breach, an investigation will typically follow. That combination is a sure way for broader issues to be uncovered. That is the scenario that played out in the most recent settlement announced by OCR.
By Matt Fisher – Ambient listening technology is growing in many areas and being incorporated into a lot of different applications. What does the ambient listening do? It automatically picks up conversations and other sounds around it to be processed for one purpose or another.
By Matt Fisher – A March 2021 decision by the Arizona Supreme Court recognized that obligations and requirements under HIPAA can be the standard of care underpinning a claim of negligence. The Arizona decision is only the most recent in a line of similar decisions by various states. However, what does it mean for HIPAA to act as the standard of care?
By Matt Fisher – Most if not all websites will (or should) contain a link to a Privacy Policy at the bottom of the page. The Privacy Policy will in either great or vague detail describe what information is collected, how the information will be used, and potentially what rights are given to the user.
By Matt Fisher – It should be well known that telehealth achieved rapid adoption and expansion throughout the course of the pandemic. The adoption and expansion was the result of many emergency orders though that will only remain in place while a public health emergency declaration is in place.
By Matt Fisher – Data breaches grab headlines on a daily basis and arise from a number of different scenarios. However, one question that is not necessarily examined closely (at least in news articles), is whether encryption was in place and why the encryption did not prevent the breach.