By Matt Fisher – Potentially lost in the week leading up to the July 4th holiday weekend, the OCR announced its latest HIPAA related breach settlement. The settlement is one of the first directed at a business associate and serves as a pointed reminder that business associates may be directly liable for the breaches that they may cause.
Read More
By Bob Grant – The Obama administration submitted its budget proposal for fiscal-year 2017. The OCR Budget in Brief details the increased budget–$1.15 trillion of which is allotted for HHS. $43 million of these funds will go to the Office for Civil Rights, and $82 million will go to the ONC.
By Bob Grant – The HHS Office for Civil Rights released an updated Audit Protocol that it plans to use while investigating health care entities for HIPAA compliance. The biggest change to the audit protocol is the distinction that OCR has made between what’s required of Business Associates and Covered Entities.
By Bob Grant – The HHS Office for Civil Rights announced that NY Presbyterian Hospital would be required to pay a $2.2M settlement after the “egregious disclosure” of two patients’ protected health information. NYP allowed an ABC film crew and staff from the show “NY Med” to film two patients, one of whom was dying, and another experiencing serious distress.
By Matt Fisher – Mobile apps are a topic of frequent discussion in the healthcare field these days. Questions include what regulatory requirements apply, are the apps trustworthy, is information kept safe and secure, and others. The question of what regulations apply in particular leaves many confused and uncertain as to what needs to be done.
By Bob Grant – In the past 90 days, there have been five separate instances of hospitals in the US and Canada being hit by ransomware attacks. The most recent of these instances affected MedStar Health, which is the largest health care provider throughout the Maryland and Washington, D.C. area.
By Matt Fisher – The Office for Civil Rights announced a $750,000 settlement with Raleigh Orthopaedic Clinic, P.A. of NC on 4/20/16, resulting from a breach involving an “undocumented” business associate. The settlement comes only weeks before desk audits are expected to begin and focuses on a perceived area of weakness, BA agreements.
By Bob Grant – As of March 22, 2016, the Office for Civil Rights (OCR) has officially begun their Phase 2 HIPAA Privacy, Security, and Breach Notification Audit Program. This announcement comes after months of speculation and preparation for the eventual roll-out of this new program. Luckily, with Compliancy Group you won’t have to go it alone.
By Jonathan Krasner – Although HIPAA is an important set of laws passed to protect the sensitive medical information handled by millions of covered entities and business associates, HHS Office for Civil Rights has never established a permanent compliance audit program.