HIPAA Blog Posts: HIPAA Covered Entity

Ransomware Attack is a HIPAA Breach

A ransomware attack can trigger a series of bad events leading to a huge HIPAA fine.  The slippery slope: Ransomware attack is a HIPAA breach, which when reported triggers an audit, that discovers a lack of an up to date risk assessment, which leads to a fine for willful neglect.

Continue reading…

No HIPAA Risk Assessment? $400,000 Fine

Metro Community Provider Network received a $400,000 fine and a corrective action plan for failing to do a risk assessment prior to a phishing incident that exposed 3200 employee files.  Doing the risk assessment a month after the breach didn't work.

Continue reading…

The HIPAAssure® NIST Framework vs HITRUST

Compliance Helper offers the NIST framework at a fraction of the cost of HITRUST.  Assure compliance with HIPAAssure®, built on the NIST framework, delivered in the SaaS method, and with the Helper methodology to reduce cost.  

Continue reading…

OCR Steps Up Investigation of Smaller HIPAA Breaches

“We’re doing more investigations of smaller breaches … I think you’re going to see more of that in terms of entities with whom we enter corrective action plans,” reiterated Deven McGraw, Esq., OCR deputy director of health information privacy at the 88th annual American Health Information Management (AHIMA) conference held October 16-19 in Baltimore, MD

Continue reading…

Risk Assessment Critical for MACRA

An up do date risk assessment is a key element in your MIPS Composite Performance Score.  The MACRA Act which was passed with bilateral support in Congress uses the MIPS score to determine reimbursement for practices.

Continue reading…

OCR says: Comprehensive HIPAA Risk Assessment Required

OCR Director, Jocelyn Samuels, reinforced the need for an enterprise-wide assessment when she stated, “[a]ll too often we see covered entities with a limited risk analysis that focuses on a specific system such as the electronic medical record or that fails to provide appropriate oversight and accountability for all parts of the enterprise.” 

Continue reading…

Free HIPAA Risk Assessment

If you qualify for our Jumpstart program you can get a Free HIPAA Risk Assessment here: www.compliancehelper.com/free-hipaa-risk-assessment/ .  If you don't qualify but still need a risk assessment we would be happy to talk with you about our automated HIPAA risk assessment tool that is cost effective and meets the highest standards.

Continue reading…

Small Pharmacy gets $125,000 HIPAA Fine for Willful Neglect

 No HIPAA risk assessment, no HIPAA written policies and procedures, and no HIPAA training equals “willful neglect” and earned a $125,000 HIPAA fine for a Colorado compounding pharmacy.

Continue reading…

Dentist Fined $12,000 for HIPAA Breach caused by a business associate

 The Indiana Attorney General filed a complaint for violation of the Indiana Disclosure of Security Breach Act and HIPAA against Dr. Beck.  Dr. Beck had hired an outside vendor (business associate) to dispose of paper records but the records were discovered in a dumpster.  In a consent decree he agreed to a $12,000 fine.

Continue reading…

HIPAA Data Breach Could Cause 65% of your patients to switch providers

 A recent Transunion Health survey showed that 65% of patients would consider changing providers if their provider had a HIPAA data breach.  73% of younger patients (18-35)  would consider leaving.

Continue reading…