Ransomware Attacks and HIPAA A ransomware attack has taken down the largest gasoline pipeline in the USA – the Colonial Pipeline carrying 2.5 million barrels per day of gasoline and other refined fuels. The pipeline runs from refineries in Texas to destinations throughout the eastern USA. This is … [Read more...]
Be Aware of These HIPAA Enforcement Issues
HIPAA Enforcement The following are key ten enforcement issues that the OCR continues to encounter through its enforcement of HIPAA. You need to be aware of these. Impermissible Disclosures HIPAA’s Privacy Rule prohibits covered entities and business associates from disclosing PHI except as … [Read more...]
Vendor HIPAA Breach: Should You Terminate The relationship?
Vendor HIPAA Breach Periodically we are asked questions about Business Associates and how to handle a vendor HIPAA breach. Recently, we were asked the following question: Under HIPAA concerning Business Associates, if you don’t have a Business Associate Agreement (BAA) with a vendor and they … [Read more...]
HIPAA Compliance – Let’s Revisit
Revisiting HIPAA Compliance In the two decades since its original passage, HIPAA compliance (Health Insurance Portability and Accountability Act (HIPAA) hasn’t gotten any easier. Enacted with the primary goal of protecting the confidentiality, integrity and availability of healthcare information, … [Read more...]
OCR Issues Audit Report on HIPAA Compliance
HIPAA Compliance The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, … [Read more...]
Diagnostic medical imaging services company pays $3,000,000 to settle breach exposing over 300,000 patients’ protected health information
Touchstone Medical Imaging (“Touchstone”) has agreed to pay $3,000,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability … [Read more...]