The US Department of Health and Human Services’ Office for Civil Rights has levied big fines against medical organizations who failed to adhere to HIPAA requirements to release medical records to patients at their request.
Practices need to know all of the components of their health information systems to determine potential vulnerabilities.
Hackers have penetrated healthcare providers’ computer systems to encrypt information and demand money for its release.
Putting information in the cloud can be a good move for a physician’s practice — but only if done well.
Regardless of the challenges a smaller group might have, a risk assessment is a baseline for any HIPAA program. The cost of this assessment is considerably less than a HIPAA fine.
NRC Health, a software and patient satisfaction survey provider holding data from more than 25 million patients, was locked out of its computer system in February because of a ransomware attack. When a breach like this occurs, the fault (at least in the eyes of the federal Office for Civil Rights [OCR]) tends to land…
The US Department of Health and Human Services has given healthcare providers more latitude in delivering care via telemedicine.
Providers need to verify as best they can that apps they are using or offering patients are HIPAA compliant.
HIPAA-related lawsuits came to the attention of Alexander Wolff when a fellow attorney called him with a case a few years ago. The plaintiff was a woman and friend of a man who was dating a nurse. The nurse, who worked at a hospital where the plaintiff received healthcare, was suspicious that the plaintiff and…
Use staff meetings or emails to keep current issues like phishing or social engineering in front of employees.
