This month’s column will dig a bit deeper and look at the reasons why lawsuits are filed in the first place and what gets healthcare entities in hot water. Hopefully this will help guide you when it comes to addressing those activities and events that result in costly legal battles.
Q: My organization is considering outsourcing our coding to an offshore company. Does HIPAA apply only to healthcare entities and business associates located within the United States? If so, what would happen if the offshore third party experiences a breach? What are the risks associated with this decision?
The incident involved information stored in a UPMC health plan employee’s email account, per the security notice posted on UPMC’s website. UPMC says it was first notified on December 9 of a phishing incident that may have exposed protected health information (PHI) of patients
In addition to struggling to properly fulfill patient records requests, organizations largely failed to implement sufficient risk analyses and risk management strategies, the recently released 2016-2017 HIPAA Audits Industry Report revealed.
Hendrick Health System, a nonprofit healthcare provider in Abilene, Texas, reported a data breach on January 15 affecting 640,436 individuals, according to the Office for Civil Rights (OCR) breach report.
In the months before a transition to a new administration, the Office for Civil Rights (OCR) released the long-awaited 2016-2017 HIPAA Audits Industry Report, offering a look at the successes and shortcomings of select covered entities (CE) and business associates (BA).
A recent survey conducted by Irdeto and Censuswide revealed that 80% of healthcare technology providers have suffered a cyberattack over the past five years.
Q: Are there any clauses in HIPAA that mandate the sharing of health information of a public figure (such as the president) whose health is of legitimate interest to the American public? Or do normal HIPAA rules apply for the president?
Q: What are the encryption requirements when using Google Drive™, Dropbox®, or other information-storing applications? How do we ensure HIPAA compliance when using them?
