HIPAA

An Underappreciated Vulnerability: Medical Devices

An Underappreciated Vulnerability: Medical Devices

By

Hackers' attempts to steal data could lead to malfunction of MRI machines, implantable defibrillators, insulin pumps, and other devices.

How Small Breaches Can Cost Millions

How Small Breaches Can Cost Millions

By

Health care providers are neglecting some basic precautions and thereby allowing breaches of protected health information.

Practices Face Challenges in Hiring Qualified Cybersecurity Personnel

Practices Face Challenges in Hiring Qualified Cybersecurity Personnel

By

Health care cybersecurity is an area with severe shortages.

Keeping Patient Portals Secure

Keeping Patient Portals Secure

By

Authentication of users and where data are stored among the important considerations.

Be Prepared for Ransomware

Be Prepared for Ransomware

By

If an attack occurs, a practice may be faced with the difficult decision of whether to pay money to get access to their information or have it returned.

Important HIPAA Compliance Issues in 2018

Important HIPAA Compliance Issues in 2018

By

Patient access to medical records, increased enforcement, and a shortage of IT security professionals are among the concerns facing health care providers.

Password Sharing Common Among Doctors

Password Sharing Common Among Doctors

By

No one admits to sharing passwords - a distinct and clear violation of HIPAA - but a lot of people seem to be doing it.

Lawsuits for Information Breaches May Be on the Rise

Lawsuits for Information Breaches May Be on the Rise

By

Physicians might not deal frequently with sensitive protected health information, but an increasing number of these lawsuits are being filed.

Keeping Ahead of the Hackers

Keeping Ahead of the Hackers

By

It is relatively easy even for rookie hackers to get into computer systems.

Balancing Security and Access to Information

Balancing Security and Access to Information

By

The challenge with information security is walking the line between tightly securing data and over-relaxing access.

Practices Have Latitude in Addressing Security Risks

Practices Have Latitude in Addressing Security Risks

By

Health care providers do not necessarily have to meet every HIPAA standard.

Training Staff in HIPAA Regulations

Training Staff in HIPAA Regulations

By

Physician organizations need to do a better job training staff in safeguarding protected health information and complying with HIPAA in other ways.

Risk Analyses Must Include All Electronic PHI

Risk Analyses Must Include All Electronic PHI

By

Practices involved in legal cases were penalized for not having completed a comprehensive risk assessment.

Safekeeping Patient Records Off-Site

Safekeeping Patient Records Off-Site

By

Among the first things practices should do is set up a check-out/check-in system.

Controlling Access to Health Information

Controlling Access to Health Information

By

Access control often is viewed as an IT-only job, but it is a shared responsibility.

Corrective Action Plans May Accompany HIPAA Fines

Corrective Action Plans May Accompany HIPAA Fines

By

In serious breach cases, the HHS Office for Civil Rights may impose CAPs to prevent breaches from recurring.

Misplaced Mobile Devices Lead to HHS Investigations, Millions in Fines

Misplaced Mobile Devices Lead to HHS Investigations, Millions in Fines

By

Encryption and keeping confidential information off laptops and cellphones are among the ways to prevent breaches.

Use EKG to Secure Electronic Health Records?

Use EKG to Secure Electronic Health Records?

Using ECG as a password enhances the security and privacy of the patient with minimal cost.

Business Associate Agreement Slipups Cost Providers Millions

Business Associate Agreement Slipups Cost Providers Millions

By

HHS fined providers for not having a business associate agreement in place or using an outdated one.

First Round of HIPAA Audits Exposes Providers' Weaknesses

First Round of HIPAA Audits Exposes Providers' Weaknesses

By

Providers are still not doing some of the most basic tasks required by the law.

Storing Information on the Cloud

Storing Information on the Cloud

By

Practices benefit from cost savings and easy access to patient records, but information breaches are still possible.

Steps for Protecting Computers From Hacking

Steps for Protecting Computers From Hacking

By

Medical practices can take a number of steps to make it more difficult to hack into their computer files.

When Information Breaches Lead to Lawsuits

When Information Breaches Lead to Lawsuits

By

Now providers can be sued for HIPAA violations related to breaches of protected health information.

Encrypting PHI for HIPAA Compliance

Encrypting PHI for HIPAA Compliance

By

Addressable doesn't mean optional: Having an implementation plan can be helpful in case of an audit.

Managing Business Associates to Reduce Liability

Managing Business Associates to Reduce Liability

By

As business associates come under greater scrutiny, healthcare providers could become more susceptible to audits and patient lawsuits.

Sharing Data With Others? Anonymity Is Crucial

Sharing Data With Others? Anonymity Is Crucial

By

Practices should review the list of 18 identifiers and remove each item before sharing data.

How to Select a Security Officer for Your Physician Practice

How to Select a Security Officer for Your Physician Practice

By

HIPAA requires physician offices to appoint a security officer, but a physician should not hold the position.

HIPAA Disclosure Rules Not As Strict As Widely Believed

HIPAA Disclosure Rules Not As Strict As Widely Believed

By

Patients' representatives, individuals designated to make medical decisions for them, have equal rights to access information under HIPAA.

How to Work With Health Information Organizations

How to Work With Health Information Organizations

By

Providers typically need business associate agreements with health information organizations.

Patients' Rights to Access Health Records Clarified

Patients' Rights to Access Health Records Clarified

By

New document from the Office of Civil Rights reminds providers of their responsibilities and offers compliance tips.

Sign Up for Free e-newsletters