HIPAA Compliance The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, … [Read more...]
Diagnostic medical imaging services company pays $3,000,000 to settle breach exposing over 300,000 patients’ protected health information
Touchstone Medical Imaging (“Touchstone”) has agreed to pay $3,000,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability … [Read more...]
HIPPA Security Risk Assessment Tool has been updated
The Office of the National Coordinator for Health Information Technology (ONC) recognizes that conducting a risk assessment can be a challenging task. That’s why ONC, in collaboration with the HHS Office for Civil Rights (OCR), developed a downloadable Security Risk Assessment (SRA) Tool to help … [Read more...]
Florida contractor physicians’ group shares protected health information with unknown vendor without a business associate agreement
Advanced Care Hospitalists PL (ACH) has agreed to pay $500,000 to the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) and to adopt a substantial corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act … [Read more...]
Another HIPAA physician practice violation to report
Allergy Associates of Hartford, P.C. (Allergy Associates), has agreed to pay $125,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and … [Read more...]
Recent healthcare data breaches
HealthIT Security reports the following: SSM Health St. Mary’s Hospital in Jefferson City, Missouri, reported to OCR on July 30 that an improper disposal of paper medical records may have resulted in a data breach affecting 301,000 individuals. In a public notice, St. Mary’s Hospital said that … [Read more...]