By Matt Fisher – 2024 cannot end without a further wrinkle on the HIPAA front. Earlier in the year, the Office for Civil Rights in the Department of Health and Human Services modified the HIPAA Privacy Rule by adding language specific to reproductive health care and reproductive health care services.
Read More
By Matt Fisher – The HHS Office for Civil Rights continues to pursue enforcement actions when alleged non-compliance occurs following a right of access request. Not every settlement provides the same degree of insight or ability to follow OCR’s line of thinking though. That is the case stemming from the latest civil monetary penalty announced by OCR.
By Art Gross – With the evolving landscape of cybersecurity threats and the increasing importance of protecting patient data, it’s crucial to ensure your organization is fully compliant with HIPAA.
By Matthew Fisher – The OCR announced yet another settlement action involving the HIPAA Right of Access. It is a reminder that right of access remains a focal point for OCR even though cyberattacks formed the basis for settlements announced earlier in 2024.
By Harikrishna Kundariya – The process of HIPAA-compliant software development is complicated and requires the implementation of efficient design, solid security policies, and a consistent focus on data protection.
By Christy Jones – Hospitals, health systems, and medical practices are increasingly aware that Google Analytics does not satisfy HIPAA requirements. The reason? The US Department of Health and Human Services released guidance bringing IP addresses under the umbrella of protected health information.
By Matt Fisher – Snooping into medical records is a long established privacy concern. It is one of the classic examples of how a data breach can occur because it trades on an individual’s natural curiosity that must be contained. Despite snooping being a widely known concern, it still occurs.
By Matt Fisher – Social media and healthcare can be a productive combination, but not when patient information is involved. The power and reach of social media are nothing new, nor is the concern about the ready ability to spread misinformation.
By Art Gross – A recent incident involving Arkansas-based MedEvolve serves as a reminder of the consequences that arise from the mishandling of PHI and the importance of healthcare businesses ensuring that they and their business associates are HIPAA compliant.