According to the Department of Health and Human Services (HHS), business associates of HIPAA covered entities may be held liable for noncompliance of certain HIPAA rules and requirements. HHS has provided the following list of HIPAA violations that business associates can be held fully liable. Penalties for HIPAA Violations by Business Associates HHS will be...
A recent report published by The Poneman Institute/IBM Security released a comprehensive analysis of data breaches reported in 2018. The report indicated that data breach costs have continued to increase, with healthcare organizations experiencing the costliest cases. Below are a few highlights from the report: The report also identified several factors that can reduce the...
The month of April proved to be a busy one for cyberterrorists, with reportedly more breaches than any previous month. The increasing rates of healthcare breaches continued in May, resulting in the exposure of almost 2 million individuals’ protected health information. So far this year, more than 6 million healthcare records have been exposed, which is more...
Good Morning, In order to provide the most current and complete compliance policies and procedures, MedSafe is updating the HIPAA trainings and online HIPAA manuals including new policies and procedures. This change will go into effect on 8/1/2019. Due to these updates, after logging in after August 1st, you will notice new questions that will...
In today’s social media era, companies all over the world benefit from the ease of using social networks to communicate quickly and efficiently with their customers. Although slower to adopt, the healthcare industry has also joined the social media craze. Healthcare organizations utilize social media to attract, communicate, and interact with current and potential patients....
American Medical Collections Agency (AMCA), a company that provides billing collection services to healthcare organizations, confirmed that sometime between August 2018 and March 2019, an unauthorized user accessed its web payment system which included several healthcare clients and held millions of patient’s information. BioReferences Laboratories, Quest Diagnostics/Optum 360, and LabCorp are among those companies affected....
In today’s digital age, it should come as no surprise that the number of employees working from home has been steadily increasing over the past decade. In fact, in the last 15 years, telecommuting positions have grown by a whopping 140%. (1) While new technologies have made telecommuting more possible through easier and more efficient...
Constant Contact, Inc. is an online marketing company, headquartered in Waltham, Massachusetts that provides an email marketing solution which makes it easy for companies to stay in contact with their customers through sending newsletters, updates, and email marketing messages. Many medical offices and healthcare facilities utilize constant contact to keep in touch with their patients....
Have you just experienced a ransomware attack or other cybersecurity incident, you may be wondering what to do next? Fortunately, the HHS, Office for Civil Rights (OCR) has provided a quick response checklist that explains step by step what a HIPAA covered entity or its business associate should do in response to an incident. In...
According to the HIPAA Breach Notification Rule, all covered entities and their business associates are required to report any breach of protected health information. It is essential to understand and implement all breach notification requirements or risk incurring financial penalties as high as $1,500,000 from state attorneys general and the HHS’ Office for Civil Rights....
