Let’s face it—cyber threats are everywhere, and healthcare organizations are prime targets. From ransomware attacks to data breaches, the risks to sensitive patient information are growing every day. That’s why having a...
View Details »Have you ever wondered how your healthcare provider keeps your sensitive information secure? Protecting patient data isn’t just about compliance with regulations—it’s about maintaining trust, ensuring privacy, and delivering quality care. For...
View Details »When it comes to HIPAA compliance, few topics are more crucial—or more misunderstood—than Accounting of Disclosures and Security Incidents. These two areas lie at the heart of patient privacy and data security, affecting covered entities like doctors...
View Details »In healthcare, securing sensitive patient data isn’t just a responsibility; it’s a legal requirement under HIPAA (Health Insurance Portability and Accountability Act). With the increase in cyber threats targeting healthcare, a fundamental aspect...
View Details »In the healthcare sector, protecting patient privacy is just as important as delivering quality medical care. As electronic health records (EHRs) and other digital tools become the norm, healthcare organizations must prioritize data protection. One of...
View Details »In today’s healthcare environment, protecting patient information isn’t just a responsibility—it’s a legal obligation. Whether you’re a medical assistant, nurse, doctor, dentist, front desk staff member, billing clerk, transcriptionist, or security...
View Details »Safeguarding patient information has never been more critical in an era of increasingly sophisticated data breaches and cyber threats. The healthcare sector, which relies heavily on electronic protected health information (ePHI), must adhere...
View Details »The healthcare ecosystem thrives on collaboration, but when it comes to safeguarding patient privacy, the stakes are high. The Health Insurance Portability and Accountability Act (HIPAA) establishes a comprehensive framework to protect...
View Details »Maintaining the integrity and security of patient information is paramount in the healthcare sector. Ensuring your systems are up-to-date with the latest patches is a vital aspect of HIPAA compliance and overall data security. This article...
View Details »The Health Insurance Portability and Accountability Act (HIPAA) safeguards patients' Protected Health Information (PHI). For healthcare organizations, adhering to HIPAA is both a legal requirement and an ethical obligation. This article dives...
View Details »The healthcare industry thrives on sensitive information. Patient records brim with personal details, diagnoses, treatment plans – a treasure trove for malicious actors in the digital world. Malware, a catch-all term for malicious software...
View Details »Identity theft in healthcare not only compromises the financial stability of individuals but also poses a significant threat to the privacy and security of patient information, directly impacting healthcare providers' compliance...
View Details »In late February 2024, Change Healthcare, a unit of UnitedHealth Group (UHG), fell victim to a cybersecurity incident. The attack disrupted healthcare operations across the country, affecting hospitals, doctors, pharmacies...
View Details »As a dedicated healthcare professional, you're likely accustomed to using mobile devices and email for patient communication, as well as for interaction with colleagues and business associates. While adhering to data security best practices...
View Details »If you work in the healthcare industry, you know how important it is to protect the privacy and security of your patient's health information. You also know how challenging it can be to comply with the Health Insurance Portability...
View Details »If you are a healthcare provider, a business associate, or a patient, you may have heard of the term "accounting of disclosures" in relation to HIPAA. But what does it mean, and why is it important for HIPAA compliance? In this article, we will explain...
View Details »Do you use passwords like "123456", "iloveyou", or your pet's name? If so, you are putting your online accounts and personal information at risk. Hackers can easily guess or crack these passwords and access your data...
View Details »Let’s address the elephant in the room: articles on encryption, cybersecurity, and HIPAA compliance are abundant, often leading to a saturation of information. However, revisiting these topics with a fresh lens is critical as it directly impacts the...
View Details »Ever felt that heart skip when you can't locate your phone in your bag or pocket? That surge of panic? It's just a fraction of what medical professionals feel when they sense a hint of vulnerability in patient data security. For our indispensable...
View Details »Maintaining HIPAA compliance is crucial for any organization dealing with protected health information (PHI). However, navigating the complex requirements of the Health Insurance Portability and Accountability Act (HIPAA) can be a daunting task...
View Details »Imagine waking up one morning to a flurry of alerts and warnings— your data has been compromised. If you are one of the 11 million patients potentially impacted by the recent HCA Healthcare data breach, you don't have to imagine...
View Details »"If privacy is boiling hot... HIPAA is the fire underneath," observes Mac McMillan, a seasoned health IT leader, and CEO of CynergisTek, a top cybersecurity consulting firm. Healthcare professionals and business associates like IT professionals...
View Details »Robust authentication measures enhance the security of electronic protected health information (ePHI), reduce the risk of unauthorized access or breaches, and demonstrate compliance with HIPAA's requirements for safeguarding patient information...
View Details »Healthcare workers in the United States must navigate the complexities of Protected Health Information (PHI) and the Health Insurance Portability and Accountability Act (HIPAA). This is especially true for healthcare workers who may not yet...
View Details »Columbus Children's Hospital in Ohio is under scrutiny following a recent investigation conducted by the US Department of Labor. The investigation revealed that the hospital failed to safeguard its employees, including nurses...
View Details »System patches are like digital shields that enhance security and optimize performance. They fix vulnerabilities and protect against evolving cyber threats...
View Details »Healthcare compliance is crucial to the smooth operations of healthcare organizations, and it is essential to comply with all relevant laws and regulations to avoid legal issues and maintain...
View Details »Here are the top 5 reasons for HIPAA fines and violations that every Covered Entity and Business Associate should know:
View Details »Healthcare professionals, HIPAA Covered Entities, and Business Associates are all tasked with protecting the sensitive health information of patients. The recent $875,000 penalty imposed on OSU-CHS for HIPAA violations should serve as a wake-up call...
View Details »While Medicare is designed to ensure access to affordable healthcare, healthcare providers must adhere to strict guidelines to avoid violations and fines.
View Details »Digitalization acceleration. With the advent of modernization and technology, we see digitalization as a valuable and convenient method of doing transactions in our daily life. For instance...
View Details »As the need and dependency of people and businesses on computers, mobile gadgets, electronic data, and a variety of programs and applications consistently...
View Details »The University of Rochester Medical Center (URMC) has paid a $3 million HIPAA penalty to the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services...
View Details »• Forgotten to remove access of a departing employee?
• Forgotten to collect devices with potential PHI from departing employees?...
On March 23, 2021, acting United States Attorney M. Rhett DeHart announced that according to the Federal Bureau of Investigation’s 2020 Internet Crime Report, South Carolinians lost more than...
View Details »We certainly live in interesting times. I mean, my mother that is 87 years old, received a tablet for her Christmas present. My three-year-old grandson uses his mother's cell phone...
View Details »Business Associates
In an ideal world, each healthcare provider (aka Covered Entity) has a...
Does HIPAA mention anything about passwords?
Yes. Password and Password Management are explicitly stipulated in the following provisions:
First, under "Definitions" [45 CFR 164.304] of the "Security...
§ 164.312(a)(1)
Allow access to ePHI only to those granted access rights. Implementation specifications under Access Control...
Also known as Accounting of Disclosures of Protected Health Information, it is a mandate under 45 CFR § 164.528 of the Security and Privacy, Subpart E - Privacy of Individually Identifiable Health Information...
View Details »With the current critical and dangerous events unfolding, there is no avoiding discussion of unsettling threats – particularly cyber threats...
View Details »Q: Is a HIPAA Security Officer necessary? Can we make do without having one? A: The short answer is "No."...
View Details »In 2016, the 21st Century Cures Act came into effect under President Obama; as of April 5th, 2021, the program rule on...
View Details »Physical Safeguards (45 CFR § 164.304) refers to physical measures, policies, and procedures to protect a covered entity’s or business...
View Details »The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), issued a fact sheet enumerating a list of HIPAA...
View Details »“Encryption is a method of converting an original message of regular text into encoded text. The text is encrypted by means of an algorithm...
View Details »By this time you should have a basic understanding of cybersecurity, cyber attacks, cyber tools, and malware. If you need a refresher on these...
View Details »The words "policies" and "procedure(s)" are not specifically defined in HIPAA. However, in the publication...
View Details »Assigning a HIPAA Security Officer is one of the mandates of HIPAA as indicated in 45 CFR § 164.308 (a) (2). It specifically...
View Details »Aetna has entered into a resolution agreement with the Office of the Civil Rights (OCR), U.S. Department of Health and Human Services...
View Details »