OCR

Health IT Security and Compliance October 22, 2020

Systemic Noncompliance

By Art Gross – The story narrative varies slightly from episode to episode, but the outcome is generally the same. Pay a fine, make a plan, regret not doing this all in the first place. This isn’t some soap opera or Netflix binge-worthy series; this is real life and the characters are the healthcare industry and Office for Civil Rights.

Health IT Security and Compliance October 13, 2020

Right to Access Enforcement Initiative

By Art Gross – In 2019, the Office for Civil Rights at the U.S. Department of Health and Human Services announced an initiative that they would make it a priority to enforce an individual’s right to access their health records in a timely manner and at a reasonable cost. This falls under the HIPAA Privacy Rule.

Data Privacy and Security October 5, 2020

Head In the Sand Leads to HIPAA Fine

By Matt Fisher – Continuing a hot streak in the fall of 2020, the Office for Civil Rights announced another HIPAA settlement with a business associate on September 23, 2020. The $2,300,000 fine was imposed on a business associate following a months long cyberattack that resulted in the exfiltration of data for more than 6 million patients.

Health IT Security and Compliance October 1, 2020

Deny Patient Access at Own Risk

By Matt Fisher – The Office for Civil Rights continues its recent attention to enforcing an individual’s right of access under HIPAA. The latest step is the concurrent announcement of five settlements with various entities for alleged failures to provide records upon request.

Health IT Security and Compliance August 28, 2020

Wish You Were Here!

By Art Gross – It’s always nice to get a postcard from friends or family who are away on vacation. But this week we learned of a new kind of postcard being sent out with not-so-well wishes. The HHS Office for Civil Rights is warning on fraudulent postcards to HIPAA Privacy and Security Officers.