Health IT Security and Compliance

Right to Access Enforcement Initiative

By Art Gross – In 2019, the Office for Civil Rights at the U.S. Department of Health and Human Services announced an initiative that they would make it a priority to enforce an individual’s right to access their health records in a timely manner and at a reasonable cost. This falls under the HIPAA Privacy Rule.




Head In the Sand Leads to HIPAA Fine

By Matt Fisher – Continuing a hot streak in the fall of 2020, the Office for Civil Rights announced another HIPAA settlement with a business associate on September 23, 2020. The $2,300,000 fine was imposed on a business associate following a months long cyberattack that resulted in the exfiltration of data for more than 6 million patients.


If You Connect It, Protect It

By Chase Higbee – Internet-connected devices have changed the world we live in. It has changed the way we shop, the way business is done, how we provide healthcare, and even how we communicate with one another. Some argue it has made the world a lot smaller and built a global community with the ability to instantaneously communicate around the planet.



Deny Patient Access at Own Risk

By Matt Fisher – The Office for Civil Rights continues its recent attention to enforcing an individual’s right of access under HIPAA. The latest step is the concurrent announcement of five settlements with various entities for alleged failures to provide records upon request.


Hover Hover Hover

By Art Gross – At times, it feels as if we could start every week with this sentence: “There’s a new tactic being used by cybercriminals to trick unsuspecting victims.” And the sophistication level of the new tactics is off the charts. So, what are we dealing with as of late? Well, where should we start…