By Matt Fisher – It often seems as though a day does not go by without the report of a new breach of healthcare data. Examples of breaches include loss of unencrypted devices (whether laptops, flash drives or other devices), usage of non-secure services, inattention to paper records, employee snooping, and more.
Read More
By Matt Fisher – A hospital in Arkansas recently learned the lesson of the nuances contained within the HIPAA Privacy Rule. There are many uses and disclosures identified in the Privacy Rule that permit actions that would otherwise appear to be a breach.
By Matt Fisher – A recent settlement announcement from the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) highlights the need to evaluate web-based applications and storage solutions. Web-based or cloud solutions are viable options and tools for healthcare entities to utilize, but those tools need to evaluated for compliance with HIPAA security requirements.
By Matt Fisher – Stories appear almost everyday about medical records being improperly accessed, hacked or otherwise being stolen. The number of stories about such thefts is almost matched by the number of stories about the high value placed upon medical records by identity thieves and others.
By Matt Fisher – The rapid adoption of electronic health records (“EHR”) and other new technology in healthcare has resulted in the introduction of serious security threats. Numerous stories and reports have made it clear that hackers, criminals and others view the healthcare industry as a ripe target due to security vulnerabilities. This issue is exacerbated by the high value placed upon medical records in the black market.
By Matthew Fisher – Concierge medicine is a term and concept often discussed, but at the same time often not fully understood. It is not necessarily a new model of practice, but it has gained significantly increased attention since passage of the Affordable Care Act.
By Matt Fisher – A practical guide for the governing boards of healthcare organizations was recently released through the joint effort of the Office of the Inspector General (“OIG”) of the Department of Health and Human Services, the American Health Lawyers Associated, the Association of Healthcare Internal Auditors and the Health Care Compliance Association.
By Matt Fisher – Another HIPAA breach settlement announcement and another lesson from the Department of Health and Human Services Office for Civil Rights (“OCR”). Cornell Prescription Pharmacy (“Cornell”) is a single location pharmacy located in Colorado that will pay OCR $125,000 to resolve allegations of a variety of HIPAA violations. When the facts of the circumstances are described, it will likely raise questions as to why the settlement was so low.
By Matt Fisher – Potentially lost in all of the privacy, security, and health IT news coming out of the HIMSS Annual Meeting the week of April 11th, the ONC updated its Guide to Privacy and Security of Electronic Health Information (the “Guide”).