HHS Hits Insurer for $1.5 Million
On March 13, 2012 the U.S. Department of Health and Human Services announced that it settled its first enforcement action resulting from a reported HITECH breach. In the settlement, Blue Cross/Blue...
View ArticleHIPAA Audits: Coming to Provider Near You?
In November, 2011, the Office of Civil Rights began conducting Audits of Covered Entities for compliance with the HIPAA privacy and security rules. These audits followed after Congress took the OCR to...
View ArticleNew HIPAA and HITECH Rules…. Delayed Again
Despite repeated promises, the new HIPAA and HITECH rules are still not out. While the Department of Health provided the Rules to the White House Office of Managment and Budget on March 24, 2012, OMB...
View ArticleNEW CONNECTICUT DATA BREACH IS A PERFECT EXAMPLE OF DATA SECURITY FAILURES
The Connecticut Attorney General just announced that personal health information and protected health information for over 9,000 Hartford Hospital patients was lost in June....
View ArticleSTOLEN LAPTOP LEADS TO HEALTHCARE DATA BREACH INVOLVING 55,000 INDIVIDUALS IN...
Cancer Care Group (CCG), an Indiana oncology practice, has announced a data breach that affected approximately 55,000 individuals, including patients and employees. CCG has approximately 21...
View ArticleA MASSACHUSETTS HEALTH CARE PROVIDER AGREED TO PAY $1.5 MILLION TO SETTLE A...
HHS’ Office of Civil Rights announced this week that a Mass. health care provider will pay a $1.5 million settlement to resolve a HIPAA privacy violation....
View ArticleOFFICE OF CIVIL RIGHTS RINGS IN NEW YEAR WITH SIGNIFICANT HIPAA DATA BREACH...
The HHS’ Office of Civil Rights (OCR) announced today that The Hospice of North Idaho has agreed to pay a $50,000 settlement for violations of the HIPAA Security Rule. OCR made a point of announcing...
View ArticleHHS ISSUES FINAL BREACH NOTIFICATION RULES – The end of “no harm, no foul”?
Last week the Department of Health and Human Services (HHS) issued its long-awaited “Final Rule”[.pdf] meant to strengthen various HIPAA/HITECH privacy and security rules related to individuals’ health...
View ArticlePHI Security: You Are Only As Strong As Your Weakest Link
Idaho State University just paid $400,000 to settle HIPAA security violations with the Office of Civil Rights. OCR contended that ISU failed to maintain adequate security by failing to maintain its...
View ArticleFOUR MILLION UNENCRYPTED PATIENT MEDICAL RECORDS STOLEN
Despite tremendous publicity and public education about data breaches during the past several years, business entities continue to store personal information in unencrypted formats. The most recent...
View Article
