HIPAA Blog Posts: Health Information Privacy

Ransomware Attack Closed ENT Practice

Hackers erased the patient records and appointment records in retaliation for not receiving a $6500 ransom. The doctors decided to close the practice and retire.

22% Increase in Medical Identity Theft

Over 2 million patients had their medical identity stolen in 2014, which represented a 22% increase over the previous year, according to the Medical Identity Fraud Alliance (MIFA).

Catch 22 of HIPAA Cyberinsurance

A large cyberinsurance company is claiming that it doesn't have to pay a claim based on a HIPAA breach because the covered entity failed to meet "minimum required practices". Cottage Hospital in Santa Barbara had a HIPAA breach of 32,500 patient records or PHI in 2013 and filed a claim for $4.1 million, which CNA is contesting.

The Human Factor Most Important in Protecting PHI

  “Protecting patient data (PHI) comes down to one key factor – the human factor.  As attackers continue to find new ways to exploit healthcare organizations, compromising patient data and patient trust, one common denominator remains – the human factor.”

Information Security versus HIPAA Compliance

CISO: Compliance Is the Wrong InfoSec Focus. Even if your information security program were bulletproof (an unlikely scenario), a HIPAA risk assessment based on the NIST protocol would probably show that you were not HIPAA compliant.

Crooks are after your PHI

 The recent Ponemon Institute study showed a 125% increase in criminal attacks on healthcare data.  These now outrank stolen laptops as the leading cause of breach.

Anthem Hack and Physician Practices

Anthem was hacked, exposing 80 million patient files, which qualifies as a HIPAA breach, but what does that mean for a small physician practice? The hack has been attributed to a program called "Deep Panda" and the Chinese Army, which is unlikely to target a small physician practice, but could trigger copycat attacks.

HIPAAssure™ from Compliance Helper

The new name for our services is HIPAAssure™, which reflects the fact that we not only help organizations get HIPAA compliant, we also measure their compliance and display it to them and their business partners so that everyone is assured that they are HIPAA compliant.

Violate HIPAA: Go To Jail

An employee of a covered entity was sentenced to 37 months in jail for violating HIPAA regulations. In this case it was fraud, since the employee was selling the patient records, but in another famous case at UCLA it was caused by an employee "peeking" at famous patients' records.

Pay Back MU Money?

OIG has stated that if a CE failed to perform even one measure of Meaningful Use, they would have to return the stimulus funds and might be audited to determine if there was fraud. A Florida firm just had to pay back $31 million for falsely attesting to compliance.
