Is Texting HIPAA Compliant?
Text messaging is a convenient and rapid way to share information in both personal and professional settings, but are text messages compliant with the Health…
Articles by hipaainfo
Patient Data Compromised in Sharecare Health Data Services Breach
Sharecare Health Data Services has announced that an unauthorised individual gained access to some of its systems and sensitive patient data may have been compromised….
Anesthesia Associates of Kansas City Reports Theft of Surgery Schedules
Anesthesia Associates of Kansas City has announced that surgery schedules containing patient information were stolen from one of their employee’s vehicles last December. The employee,…
What is the relationship between HITECH, HIPAA, and electronic health or medical records?
The Health Information Technology for Economic and Clinical Health Act, more commonly referred to as the HITECH Act was introduced by the administration of President…
Is Alexa HIPAA Compliant?
Alexa, the virtual voice-assistant offered by Amazon, is one of many similar services marketed by the largest tech companies in the world, and it could…
What does a dentist office need to do for HIPAA compliance?
In the past, dental offices may have felt less concerned by the Health Insurance Portability and Accountability Act, more often known as HIPAA, but this…
Is FaceTime HIPAA compliant?
FaceTime, a method of making video calls between devices made by Apple, has become more and more popular since its introduction and with the large…
What is defined as a HIPAA violation?
It is rare that a week passes where we do not hear or see media outlets covering yet another HIPAA violation provoked by the action…
Is it possible to report a HIPAA violation anonymously?
The Health Insurance Portability and Accountability Act, more commonly known as HIPAA, includes several provisions to allow people to report violations or suspected violations to…
Micropatches Deployed by 0patch for Zero-Day Windows Flaws
Micropatches addressing three zero-day Windows flaws have been deployed by 0patch. The vulnerabilities, which have yet to be addressed by Microsoft, including a zero-day remote…
Warning Issued Over Dräger Infinity Delta Patient Monitoring Devices
A warning has been issued about vulnerabilities affecting Dräger Infinity Delta patient monitoring devices. The warning was issued by Department of Homeland Security (DHS) United…
Is Azure HIPAA Compliant?
Azure is Microsoft’s cloud services platform and it therefore has the potential to offer a lot to businesses, including businesses working in the healthcare arena,…
Is Facebook Messenger HIPAA complaint?
Facebook is one of the largest social media platforms the world has ever seen and almost everyone is familiar with its Messenger tool, with many…
Data Breach at Choice Rehabilitation Affects 4,300 Patients
Choice Rehabilitation of Creve Coeur, Missouri, has released a statement announcing that a security incident has compromised the sensitive data of over 4,300 patients. The…
Credit Card Details Compromised in BJC Security Incident
BJC HealthCare have announced that the details of nearly 6,000 credit cards were compromised following a cybersecurity incident. BJC HealthCare, based in Missouri, discovered the…
Mind & Motion Centers Announces Ransomware Attack on Servers
Mind & Motion Developmental Centers have revealed that they have been the victims of a ransomware attack on their servers. Mind & Motion Developmental Centers,…
The penalties for HIPAA violations
The Health Insurance Portability and Accountability Act of 1996 revolutionised regulations surrounding the security and privacy of healthcare data. One of its many aims was…
Ransomware Attack on May Eye Care Center Affects 30,000 Patients
May Eye Care Center, PA, has announced that the protected healthcare information of up to 30,000 patients was affected in a recent ransomware attack. May…
Over 1,800 Files Compromised in Metrocare Phishing Attack
A North Texas mental health services provider has announced that the sensitive files of over 1,800 patients have been compromised in a phishing attack. Metrocare…
Former Employee of Chilton Medical Center Sentenced in Equipment Theft Case
A former IT worker at a New Jersey medical centre has been sentenced to 5 years’ probation for the theft of IT equipment that stored…
Nurse Fired for Posting Details of Child’s Measles Diagnosis Online
A paediatric nurse at Texas Children’s Hospital has been fired after she posted details about a toddler’s measles diagnosis on an anti-vaxxer Facebook page. Posting…
New York Non-Profit Fined $200,000 for HIPAA Violation
The Arc of Erie County, a non-profit agency that supports children and adults with disabilities based in Buffalo, NY, was levied a $200,000 fine by…
Missouri Care Experiences Second Breach of PHI due to Mailing Error this Year
The protected healthcare information of nearly 20,000 children enrolled in the Missouri Medicaid Plan has been exposed due to a mailing error. The PHI was…
Legacy Health Falls Victim to Phishing Attack
Legacy Health, a non-profit hospital system based in Portland, Oregon, has recently announced that approximately 38,000 of their patients have had their protected health information…
Democrat Lawmakers Accuse Oklahoma VA of HIPAA Violations
Three Democrat lawmakers have accused the Oklahoma Department of Veteran Affairs of breaching the Health Insurance Portability and Accountability Act (HIPAA) by allowing their staff…
OCR Newsletter Emphasises Need for Secure Disposal of Electronic Devices
The Department of Health and Human Services’ Office for Civil Rights took the opportunity to remind HIPAA covered entities, which includes healthcare providers, health plans,…
HHS Secretary Azar Announces HIPAA Updates
While addressing the Heritage Foundation in earlier this month, Secretary of the Department of Health and Human Services (HHS), Alex Azar, announced that the HHS…
Flowers Offers to Settle with Data Breach Victims After A Four Year Legal Battle
A four year legal battle between victims of identity theft and a former employee at the Flowers Hospital of Dothan, Alabama, is approaching its end….
Nursing Home Employees Fired for Violating HIPAA Regulations
It has been revealed that employees at Thompson Health’s M.M. Ewing Continuing Care Center in Canandaigua, New York, have been caught breaching HIPAA privacy regulations…
Aetna Survey Results Reveal the Priorities of Healthcare Consumers
Aetna Inc., a Fortune 500 health insurance company, recently released the results of their “Health Ambitions Study”. The primary aim of the research was to…
Former Healthcare Worker Sees Jail Time for Violating HIPAA Rules
On June 29, 2018, the Department of Justice announced that a former patient information coordinator has been indicted by a federal grand jury for violations…
District Court Judge Confirms No Private Cause of Action for HIPAA Violations
The District court has ruled that patients have no right to take legal action for HIPAA violation. That is to say that there is no…
A Dozen Staff Members Suspended from Washington Health Systems Following HIPAA Violation
Washington Health Systems has suspended several of their staff members following allegations that they accessed patient health records without authorisation. The privacy breach is currently…
Results of Survey on Use of Mobile Technology by Healthcare Professionals Released
A recent survey on the use of mobile technology in medical situations has shown that 90% of hospitals and 94% of physicians have adopted mobile…
Recent HIPAA Lawsuits Filed in the Courts
Recently, several lawsuits have been filed in relation to alleged breaches of Health Insurance Portability and Accountability Act (HIPAA) Rules. Here, we provide an overview…
OCR Reiterates Importance of Physical Security Controls
In a recent statement, the Department of Health and Human Services’ Office for Civil Rights (OCR) has reminded covered entities (CEs) that HIPAA compliance requires…
Why was HIPAA introduced?
Given the extra effort and costs that the Health Insurance Portability and Accountability Act (HIPAA) imposes on organizations in the healthcare space, not to mention…
Is OneDrive HIPAA Compliant?
With the advent of the cloud and its absolute ubiquity in both consumer and professional applications, a large swath of the healthcare industry are asking…
Is Zoom HIPAA Compliant?
Zoom has already been adopted as a powerful and convenient video conference application that allows over 750,000 companies to carry out meetings and presentations via…
What are the HIPAA Rules for e-signatures?
The possibility of signing agreements and contracts remotely has increased the speed with which administrative processes, typically a bottleneck in many sectors, can be done…
What HIPAA Rules Must Dentists Follow?
The Health Insurance Portability and Accountability Act lays down a set of provisions which must be followed by doctors and nurses in hospitals and clinics,…
Is it Allowed to Email Patient Names Under HIPAA?
Given the often stringent rules of the Health Insurance Portability and Accountability Act, often referred to as HIPAA, healthcare staff and others in the health…
Are You Required to Report a HIPAA Breach?
The Health Insurance Portability and Accountability Act, also known as HIPAA, creates a number of rules which some parties may find difficult to implement and…
How do you Report a HIPAA Breach?
It is of the utmost importance that all members of staff in organizations with activities relating to healthcare provision or health insurance coverage are aware…
Is Dropbox HIPAA compliant?
Insurance companies and others in the healthcare space could see advantages by utilizing Dropbox, but before doing so they must ask whether Dropbox is compliant…
LifeBridge Health Reports Second Largest Data Breach of the Year
Earlier this month, LifeBridge Health, a Baltimore-based healthcare provider, made a statement announcing that it had discovered a data breach in their organisation. An initial…
Is Slack HIPAA compliant?
Slack has emerged over the past number of years as a useful and versatile tool which many use to communicate and collaborate but some organizations…
Can a Patient Sue a Hospital for a HIPAA Violation?
Should a patient find themselves the victim or affected by a violation of the Health Insurance Portability and Accountability Act, more commonly known as HIPAA,…
What is HIPAA Compliance?
When we talk about HIPAA and HIPAA compliance, the nature of the issue can seem overwhelming and complicated unless we first explain what HIPAA compliance…
What is HIPAA compliant email?
The Health Insurance Portability and Accountability Act, also known as HIPAA, requires a certain level of security and standards to be met when dealing with…
Is Google Drive HIPAA Compliant?
With the huge range of cloud storage solution providers in the market and the increasing push for organizations to explore the possibilities offered by these…
Who is Responsible for HIPAA Enforcement?
The Health Insurance Portability and Accountability Act (more commonly known as HIPAA) is an important piece of legislation but who is responsible for HIPAA enforcement?…
Is it Possible to Obtain HIPAA Certification?
When organizations put in the effort to implement the many administrative and technological hurdles needed to be compliant with HIPAA, the Health Insurance Portability and…
What Happens After an Accidental HIPAA Violation?
Even though most healthcare employees, covered entities, business associates, and others in the healthcare space do their best to always act in compliance with the…
Is Social Media Allowed Under HIPAA?
As the Health Insurance Portability and Accountability Act, more widely known as HIPAA, was first introduced in 1996, long before the widespread use of social…
Department of Homeland Security Issues Warnings About Vulnerable Medical Devices
The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (DHS ICS-CERT) have issued warnings to healthcare providers about vulnerabilities in several medical…
What is the Importance of HIPAA?
An enormous amount of effort is put into ensuring that businesses and organizations are acting in compliance with the Health Insurance Portability and Accountability Act,…
What Does a HIPAA Compliance Officer do?
Under the Health Insurance Portability and Accountability Act, more widely known as HIPAA, organizations are required to appoint or designate someone to the position of…
Is Skype HIPAA Compliant?
The convenience and ubiquity of Skype has led to many people asking themselves whether Skype could be used to transmit or share Protected Health Information…
What are the Most Common Types of HIPAA Violations?
As organizations covered by the Health Insurance Portability and Accountability Act (commonly known as HIPAA) look into creating or modifying their training techniques, they may…
What are the Penalties for a Nurse who Violates HIPAA?
Nurses are at the front line of almost all health care services, but what sort of penalties do nurses face if they violate the Health…
What are the HIPAA Rules for Record Retention?
The Health Insurance Portability and Accountability Act, commonly known as HIPAA, notes differing information in relation to keeping copies of different types of data, which…
Capital Digestive Care Reports Patient PHI Compromised
In a recent statement the gastroenterology group Capital Digestive Care, based in Silver Spring, Maryland, announced that they have discovered a data breach in their…
What are the New HIPAA Rules in 2018?
With the completion of the first year of the Trump Administration being in office and following a number of changes in important areas of law…
What are the HIPAA Rules regarding Emailing?
The Health Insurance Portability and Accountability Act, more often known as HIPAA, lays out a number of requirements detailing how organizations can be allowed to…
Is texting against HIPAA rules?
As methods of communication evolve and it becomes more acceptable to use channels that were previously thought of as less formal for more important and…
What are the HIPAA requirements for encryption?
The Heath Insurance Portability and Accountability Act, commonly called HIPAA, calls on organizations to protect the data they use and produce and, as such, many…
What are the HIPAA Password Rules?
As the Health Insurance Portability and Accountability Act, better known as HIPAA, has certain security requirements that must be in place to safeguard Protected Health…
What are HIPAA non-compliance penalties?
Despite their best efforts, companies may sometimes find, due to a technical oversight or a mistake made by a member of staff, that they have…
What are the HIPAA rules regarding telephoning patients?
While there are now more options than ever for organizations to communicate with patients, both through physical written correspondence and electronic messages much as emails,…
Recent Report Shows Healthcare Professionals Unaware of Cybersecurity Threats
Wombat Security has recently published a report which has revealed that employees in the healthcare industry have a lack of understanding and awareness about common…
Study Published Revealing Increase in Mortality Rates Due to Data Breaches
Researchers Vanderbilt University, Tennessee, have released a study into the effects that breaches of healthcare data have on the affected individual’s health. The results of…
First Update of NIST’s Cybersecurity Framework Released
Earlier this month, the National Institute of Standards and Technology updated its Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) with new guidelines and advice…
Former Receptionist Convicted of Stealing Patient Data from Dental Practice
A former receptionist at a New York dental practice has convicted of stealing the protected health information (PHI) of 653 patients at her formed place…
Verizon’s Protected Health Information Breach Report Released
The telecommunications company Verizon has released its annual Protected Health Information Breach Report. This report offers a detailed analysis into the main causes of breaches,…
Healthcare Data Breaches in Q1, 2018
In the first quarter of 2018, 77 healthcare data breaches were reported to the Department of Health and Human Services’ Office for Civil Rights (OCR)….
Healthcare Employees Jailed for HIPAA Violations
To serve as a deterrent, the penalties for HIPAA violations can be severe. Violations by employees can attract a fine of up to $250,000 with…
Survey Shows Healthcare Industry Susceptible to Cyberattacks
The Ponemon Institute, which conducts research on privacy, data protection, and information security, has released the results of a survey of data breaches in healthcare…
New York Attorney General Settles With EmblemHealth for HIPAA Violation
The New York Attorney General has just announced a settlement with EmblemHealth for $575,000 following a HIPAA breach at the organisation in 2016. The breach…
Protenus Releases Healthcare Breach Barometer Report
Protenus, an organisation which aims to help healthcare organisations protect private patient data, regularly releases “Healthcare Breach Barometer” reports which compile their intelligence on healthcare…
Thirteen Employees Fired form MUSC For Snooping on Patient Data
The Post and Courier, the South Carolina newspaper, has released a report stating the Medical University of South Carolina (MUSC) terminated 13 employees last year…
UVa Breached Linked to Prolific Hacker
The University of Virginia Health System has notified nearly 2,000 patents that a hacker has used malware to gain access to their protected health information…
Deputy Director for Health Information Privacy at OCR Steps Down
The deputy director for health information privacy at the Department of Health and Human Services’ Office for Civil Rights, Iliana Peters, as just announced that…
Decatur Country General Hospital Discover Cyberattack on their Systems
In a recent announcement, Decatur County General Hospital in Tennessee revealed that it has been the victim of a cyberattack on their systems. Malware was…
Report Highlights the Increasing Threat of Ransomware Attacks
Vanson Bourne, a research company, has published a report on the nature of ransomware attacks entitled “The State of Endpoint Security Today”. The report has…
Aetna Violates HIPAA Rules Again with Mailing Accident
In July 2017, Aetna, a health care company, accidentally violated HIPAA Rules when it sent mail to members in which details of HIV medications were…
CIOX Health Sues HHS Over Update to HIPAA Rules
Earlier this month, CIOX Health, a medical record retrieval company, announced that it was suing the Department of Health and Human Services. The reason for…
North Carolina Bill Aims to Toughen Data Breach Notification Laws
In 2017, more than 5.3 million residents of North Carolina were reported to be victims of breaches of private data. In response to this alarming…
SAMHSA Regulations Changed by HHS
The Department of Health and Human Services has published its final rule on the Confidentiality of Substance Use Disorder Patient Records. This rule brings significant…
Washington Hospital Employee Fired Following Serious HIPAA Violation
An employee of Washington Hospital has been fired after taking pictures of a female patient’s genitals while she was unconscious. The patient, identified in the…
Data of 2,600 Children Exposed Following MBS Breach
Multi-State Billing Services (MBS) has reached a $100,000 settlement with the Massachusetts Attorney General’s office following a data breach which occurred in 2014. The data…
Oklahoma Department of Human Services Notifies OCR of Breach Nearly 18 Months Late
In April 2016, the Oklahoma Department of Human Services experienced a data breach which affected 47,000 people. In accordance with HIPAA’s Breach Notification Rule, notifications…
HHS Prepares to Launch HIPAA Administrative Simplification Optimization Project Pilot
The Department of Health and Human Services has announced that it is looking for volunteers for their HIPAA Administrative Simplification Optimization Project Pilot. Volunteers who…
Cottage Health Suffers Two Data Breaches in Two Years
Cottage Health, a health providers based in Santa Barbara, has settled for $2 million with California attorney general’s office. Cottage Health was investigated by the…
Man Sentenced to Jail for Multiple Counts of Fraud
A man linked who used the name “TheDarkOverlord” has been sentenced to serve three years in jail for fraud and blackmail offences at the Southwark…
Alex Azar Receives Presidential Nomination for Deputy Secretary of Department of Health and Human Services
Alex Azar, the former Deputy Secretary of the Department of Health and Human Services, is the favourite to take over from former Secretary Tom Price…
RBS Report Reveals Over 7 Billion Records Breached in 2017
Risk Based Security (RBS), a provider risk analysis tools and data breach information, has released a report analysing the data breaches which have occurred in…
HHS Deputy Director for Health Information Privacy Deven McGraw Leaves for Private Industry
In October, Deputy Director for Health Information Privacy at the Department of Health and Human Services’ Office for Civil Rights (OCR), Deven McGraw, has resigned…
Lincare Suffer Breach of Sensitive Employee Data
In February 2017, Lincare Holdings Inc., a supplier of home respiratory therapy products, experienced a breach of sensitive employee data. The breach involved the exposure…
California Wildfires Result in Limited Waiver of HIPAA Sanctions
The Secretary of the U.S. Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and penalties in California. The waiver…