HIPAA Compliance

Common HIPAA Mistakes

By Art Gross – As a person who works within the healthcare industry, understanding HIPAA is a necessity, even if it is knowing just the basic rules. These rules and regulations are complex and ever-changing so that they can keep up with the fluid landscape of healthcare, so unless you are an expert, it is unlikely that you know all the details of being compliant.


Rising Danger

By Art Gross – Meticulous Research released a market research report “Healthcare Cybersecurity Market”, that indicated a number that anyone in healthcare would want to be aware of. They expect that by 2027 – which sounds far off but is NOT – the cybersecurity market within healthcare will reach $26.1billion with a compound annual growth rate of 19.8%.



Notification Rule

By Art Gross – A data breach within your business. You think it won’t happen, you hope it doesn’t happen, but what if it does happen? What are your next steps? Like most things in healthcare, timing is essential. You need to think quickly and act swiftly during a time when your head might not be set and sorted to do so.


Head In the Sand Leads to HIPAA Fine

By Matt Fisher – Continuing a hot streak in the fall of 2020, the Office for Civil Rights announced another HIPAA settlement with a business associate on September 23, 2020. The $2,300,000 fine was imposed on a business associate following a months long cyberattack that resulted in the exfiltration of data for more than 6 million patients.


Refresher on HIPAA Compliance

By Matt Fisher – The start of a new year represents new opportunities to refocus on HIPAA compliance efforts. Ransomware and phishing attacks seem to be drawing the majority of recent headlines, but a couple of human-based incidents have also come out recently.



Know Your Risks: HIPAA Basics

By Matt Fisher – The HHS Office for Civil Rights announced another monetary penalty and settlement for the failure of an entity to fully or competently comply with HIPAA requirements. More particularly, the entity in question offers yet another example of the absence of a risk analysis.