The Office for Civil Rights (OCR) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a March 3 alert to provide guidance pertaining to Microsoft Exchange server vulnerabilities.
It’s the age-old tale in healthcare: Your organization needs more resources, but leadership simply isn’t interested in helping out. “This has been a challenge since the pre-HIPAA days,” says Kate Borten, CISSP, CISM, HCISPP, founder of The Marblehead Group in Marblehead, Massachusetts. “It’s always been a challenge.”
Q: What are the encryption requirements when using Google Drive™, Dropbox®, or other information-storing applications? How do we ensure HIPAA compliance when using them?
Gore Medical Management LLC, a healthcare provider based out of Griffin, Georgia, reported a breach last month that impacted 79,100 individuals, according to the Office for Civil Rights (OCR) breach report.
In the weeks leading up to his departure from office, former President Donald Trump signed H.R. 7898 into law, amending the HITECH Act to require the Health and Human Services secretary to consider certain recognized security practices of covered entities (CE) and business associates (BA) when taking enforcement actions.
HHS acting Secretary Norris Cochran declared a public health emergency (PHE) for the state of Texas on February 17 as a result of the recent winter storms.
Q: Is it permissible to store paper patient records in a public storage unit? If so, do the storage units need to use specific safeguards to be HIPAA compliant?
Q: Do companies such as FitBit (and others that sell wearable devices that track and store health information) need to abide by HIPAA regulations? Should I be concerned with how these companies are viewing and sharing my health information?
Sharp HealthCare, a regional healthcare group based out of San Diego, agreed to take corrective action and pay $70,000 to settle a potential violation of the HIPAA right of access standard, according to its resolution agreement with the Office for Civil Rights (OCR).
