The Office for Civil Rights (OCR) will assume responsibility for enforcing the “Confidentiality of Substance Use Disorder (SUD) Patient Records” regulations at 42 CFR part 2 (“Part 2”), which protect the privacy of patients’ SUD treatment records. The announcement was published in the Federal Register on August 26. The Part 2 regulations predate HIPAA and [...]| The HIPAA E-Tool
Another major hospital system has settled a class action lawsuit over the breach of patients' sensitive protected health information (PHI) on its MyChart portal. Mount Sinai Health System (Mount Sinai), the largest hospital network in New York City, will pay $5.26 million to settle claims. This is the second recent announcement by a major health [...]| The HIPAA E-Tool
Avoid costly audits and investigations with strong HIPAA compliance. OCR enforcement is focused on Risk Analysis and ransomware prevention.| The HIPAA E-Tool
OCR is looking at potential HIPAA violations caused by the use of website tracking technology in healthcare.| The HIPAA E-Tool
Staying ahead of the regulators requires an understanding of FTC consumer protection laws. FTC's mandate includes health privacy.| The HIPAA E-Tool
The UnitedHealth Group holds the record for the largest healthcare data breach in history. The 2024 data breach at Change Healthcare, a UHG subsidiary, affected over 190 million individuals. UHG recently revised that number upward to 192.7 million, according to a letter Change Healthcare sent to New Hampshire's attorney general. UnitedHealth Group is facing scrutiny [...]| The HIPAA E-Tool
A jury decided that Meta violated California privacy law by using consumers' private health information for commercial purposes without consent.| The HIPAA E-Tool
BJC HealthCare (BJC) has agreed to pay up to $9.25 million to resolve a class action lawsuit alleging that it disclosed patients' protected health information (PHI) to third parties without the patients' knowledge or consent. Patients who used the BJC portal, MyChart, from June 2017 through August 2022 are eligible to obtain a cash payment [...]| The HIPAA E-Tool
The Integrated Oncology Network was hacked via a phishing email in December and now faces HIPAA investigations and breach of privacy lawsuits.| The HIPAA E-Tool
For example, you can learn what the Office for Civil Rights (OCR), the HIPAA enforcement office, is focused on and double down on those issues. As time| The HIPAA E-Tool
Social engineering uses tricks to get people to give up information, credentials, or access. There are good defenses to use to fight back.| The HIPAA E-Tool
The latest HIPAA enforcement action, against Deer Oaks, a behavioral health provider, underscores the importance of conducting a thorough HIPAA risk analysis. Yesterday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Deer Oaks – The Behavioral Health Solution (Deer Oaks), a behavioral health provider, resolving [...]| The HIPAA E-Tool
High-pressure tactics are fueling healthcare fraud attacks on patients and providers. Learn how to recognize and fight back against cybercrime.| The HIPAA E-Tool
A federal judge in Texas has invalidated the 2024 HIPAA Reproductive Health modifications to the Privacy Rule. The decision is immediate and applies nationwide. Background on HIPAA Reproductive Health In 2022, the Supreme Court decided Dobbs v. Jackson Women's Health Organization, which removed the federal right to abortion. States promptly began to restrict reproductive health [...]| The HIPAA E-Tool
Gargle is a dental marketing services vendor with customers nationwide. When a misconfiguration left its data vulnerable, millions were exposed.| The HIPAA E-Tool
Healthcare identity theft is a national crisis, as demonstrated by major breaches at LabCorp and Quest. But it doesn't have to be that way.| The HIPAA E-Tool
Ransomware under HIPAA is presumed to be a breach and must be investigated to determine whether any protected health information has been compromised.| The HIPAA E-Tool
Broad new changes in CMS payment rules benefit patients and a range of providers during COVID-19.| The HIPAA E-Tool
Expand your use of telehealth during COVID-19 with flexibility under HIPAA. This works for all providers for any medical condition, not just COVID-19.| The HIPAA E-Tool
HIPAA and natural disasters: rules still apply during public emergencies although a few temporary waivers are available to hospitals.| The HIPAA E-Tool
The HIPAA E-Tool software walks you step-by-step through the HIPAA Rules to protect patient privacy. Contact us and Get a free demo now!| The HIPAA E-Tool
Learn the basics of HIPAA breach notification - investigate, document, notify and report.| The HIPAA E-Tool
Shields Health faces a $15.35 million settlement of proposed class action lawsuits, demonstrating the importance of HIPAA compliance and privacy.| The HIPAA E-Tool
The latest HIPAA enforcement action from the Trump administration underscores the importance of a thorough HIPAA risk analysis every year.| The HIPAA E-Tool
Medical identity theft is the fastest growing type of identity theft today. Use HIPAA compliance to outsmart the thieves.| The HIPAA E-Tool
Paying ransom is not a guaranteed solution and brings other risks, but disruption may be extreme, creating a terrible choice.| The HIPAA E-Tool
HIPAA is not going away but will continue to change under COVID-19, adapting to the needs of patients and to preserve privacy.| The HIPAA E-Tool
Healthcare providers need to communicate with a patient's loved ones. But how do you know what to share with a patient's family and friends and still remain HIPAA-compliant?| The HIPAA E-Tool
HIPAA isn't only about privacy. It's about the right of access to your own records. It should be easy, but too often patients' rights are blocked.| The HIPAA E-Tool
Access to medical records should be easy. Do not use a HIPAA Authorization form, or overcharge patients for copies if you want to comply with HIPAA. This is a hot button issue right now at the Office for Civil Rights (OCR) so it’s important to handle patients’ requests for their own records the right way.| The HIPAA E-Tool
Fix this common (avoidable) mistake. Learn how to handle requests for protected health information with a simple and definitive up-to-date guide.| The HIPAA E-Tool
Learn the core questions in a HIPAA Risk Analysis so you can make honest and useful risk assessments and a Risk Management Plan.| The HIPAA E-Tool
A Security Rule update is coming, and you can prepare now to get ahead of the changes by strengthening your cybersecurity practices today.| The HIPAA E-Tool
The HIPAA Compliance Officer is your company's HIPAA Team Leader. How do you select an officer and exactly what do they do?| The HIPAA E-Tool
Use business associate due diligence to ensure your HIPAA risk analysis is complete. Require HIPAA compliance and sign a BA agreement.| The HIPAA E-Tool
Protected health information is still one of the most widely misunderstood concepts in HIPAA. Examples and FAQs help explain PHI.| The HIPAA E-Tool
Learn more about HIPAA Risk Analysis and find out how to do it on your own. Take out the mystery and gain the confidence you need to manage your specific risks.| The HIPAA E-Tool
Know what a covered entity is under HIPAA - learn the basics and see answers to commonly asked questions that might surprise you.| The HIPAA E-Tool
The enormous growth in Telehealth has spurred an increase in emails and texts with patients - providers beware - you need to follow HIPAA.| The HIPAA E-Tool
Employees are the strongest defense but might also be the weakest link when it comes to HIPAA compliance. Learn how to help them do their best.| The HIPAA E-Tool
HIPAA requires a contingency plan to help prevent avoidable losses caused by disaster. Create one that fits your specific needs and reduces your risks.| The HIPAA E-Tool
Set yourself apart in the eyes of OCR and improve your protection of ePHI to avoid breaches, investigations and fines - create a HIPAA compliant IT inventory.| The HIPAA E-Tool
Behavioral health and small providers receive scrutiny in these recent HIPAA enforcement actions. Learn the right of access requirements and avoid fines.| The HIPAA E-Tool
Most organizations fail their HIPAA audit because they haven’t completed a HIPAA Risk Analysis. It’s a core HIPAA requirement but is often overlooked.| The HIPAA E-Tool
Even though Business Associates represent the largest group of professionals responsible for HIPAA compliance, they don't treat patients. Still, BAs face tremendous HIPAA scrutiny.| The HIPAA E-Tool
Review HIPAA authorization basics - learn when to obtain one from a patient, and how to respond if you receive one asking you for a patient's PHI.| The HIPAA E-Tool
Risk Analysis protects healthcare from cyber crime. Learn about the Security Rule Checklist, a critical, central part of Risk Analysis.| The HIPAA E-Tool
The HIPAA right of access is an OCR priority so providers should learn the simple rules to make access easy and fast.| The HIPAA E-Tool
The keys to success for HIPAA compliance start with four core concepts but expand to fit your unique situation. Seek improvement, not perfection.| The HIPAA E-Tool
This HIPAA training outline covers all the key topics and will boost your confidence, whether you are starting new or improving existing training.| The HIPAA E-Tool
The single most important thing a healthcare organization can do for HIPAA compliance is a Risk Analysis.| The HIPAA E-Tool
OCR is concerned about business associate compliance and sounds a wake-up call with a recent settlement mandating risk analysis and training.| The HIPAA E-Tool
Understanding the definition of PHI will help maintain patient privacy, strengthen HIPAA compliance, and avoid costly breaches and investigations.| The HIPAA E-Tool
HIPAA training needs to be fast and flexible - learn how to break it into steps and make it relevant to specific job duties for maximum benefit.| The HIPAA E-Tool
What happens without a strong HIPAA compliance program? If forced to settle with OCR, a Corrective Action Plan is expensive, time consuming and painful.| The HIPAA E-Tool