Health IT, HIPAA, and the CMS Incentive Programs Blog
For physicians, hospitals, government agencies, and business associatesDeadline for updating grandfathered Business Associate Agreements Looms
The HIPAA Omnibus/Final Rule, published on January 25, 2013, grandfathered valid HIPAA Business Associate agreements prior to that date until September 22, 2014. That grace period is rapidly coming to an end. Department of Health and Human Services (HHS) defines...
PHI of 400 found in street near Connecticut Health Exchange
AccessHealthCT, the health insurance exchange in Connecticut, announced that an employee of a contractor left a backpack containing the protected health information of 400 of the state’s residents on the street. The information left behind was written on a notepad and...
U.S. DOJ indicts IRS Tax Fraud ring in Alabama
The U.S. Department of Justice announced indictments for a criminal ring involving individuals working at multiple facilities in Alabama. Other individuals in the fraud ring were former employees of a hospital located on Ft. Benning Army base. The ring allegedly used...
Verizon 2014 Data Breach Investigation Report: Key findings on insider misuse and human error
Verizon’s 2014 Data Breach Investigations Report categorized 63,000 security incidents from 95 countries into 9 categories of causes. For the healthcare organizations surveyed, just 3 of those categories accounted for 73% of the security incidents experience—Theft and...
Mitigating Heartbleed’s lingering effects on networked medical devices
Many healthcare organizations remain unaware that the Heartbleed bug can affect more than just websites and web servers. The bug, discovered separately by Neel Mehta and his team from Google Security in late March and later by Finnish security firm Codenomicon in...
HHS Releases Annual Report of Breaches of Protected Health Information to Congress: Part 2
HHS Report of Breaches, 2011-2012, Part #2 The U.S. Department of Health and Human Services (HHS) recently submitted their Annual Report to Congress on Breaches of Unsecured Protected Health Information (PHI), for the calendar years 2011-2012. We blogged previously...
HHS Releases Annual Report of Breaches of Protected Health Information to Congress: Part 1
HHS Report of Breaches, 2011-2012, Part #1 The U.S. Department of Health and Human Services (HHS) submitted their Annual Report to Congress on Breaches of Unsecured Protected Health Information (PHI), for the calendar years 2011-2012. Theft and loss of computing...
Jocelyn Samuels Joins OCR to Oversee Civil Rights, Privacy
Recently confirmed Health and Human Services Secretary Sylvia Mathews Burwell has named Jocelyn Samuels as director of the HHS Office for Civil Rights (OCR). In this role, her duties also include enforcement of the HIPAA privacy, security and breach notification...
