A recent investigation by the Office of Civil Rights (OCR) alleges that several security guards from Yakima Valley Memorial Hospital impermissibly accessed the medical records of 419 individuals. This incident highlights the importance of maintaining strict protocols and vigilant oversight when it comes to safeguarding sensitive patient information. The details involving the hospital security guards...
The Health and Human Services (HHS) Office for Civil Rights (OCR) is responsible for enforcing and protecting civil rights and privacy rights in the healthcare industry. With the increasing number of complaints and reviews regarding the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act, the...
HIPAA & Tracking Technologies Tracking technologies such as Google Analytics and Meta Pixel are designed to collect and analyze user data for online activity. The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently issued a notification regarding these and the obligation to HIPAA from the covered entities...
Having an asset management plan is essential to your healthcare business. Similar to how you’d want a list of your household items for insurance coverage in the event of theft or loss, you need to know the details and access them quickly. Especially if an item goes missing or breaks. It is likely that your...
The HIPAA Security Rule includes requirements for a security incident response plan that are important to know especially as the number of reported data breaches continues to rise. The Data Check Point Research provided a mid-year report on cyber attack trends that indicated a 69% increase in targeted healthcare data breaches between 2021 and 2022. ...
As we wrap up National Cybersecurity Awareness Month, we’re going to take a look at the importance of protecting your physical devices. The panic that sets in when you misplace your phone or laptop is overwhelming. But that feeling is amplified if that device contains patient information or access to it. When we mention your...
The HIPAA Security Rule mandates that covered entities must conduct a security risk assessment or SRA. This includes health care plans for individuals, government plans (Medicare, Medicaid, Obamacare), and employer-sponsored plans. Providers that conduct electronic health care transactions must comply with the Security Rule. This means conducting an SRA. It is recommended that this occurs...
The HHS Office for Civil Rights (OCR) has announced resolutions regarding three HIPAA violation investigations. These settlements result from a years-long emphasis on enforcing this regulation by the OCR. There were three dental practices that were given fines with regard to the potential violation of the HIPAA Privacy Rule’s patient right of access. Recently appointed...
Is Your Trash a HIPAA Violation? In the case of the New England Dermatology and Laser Center (NEDLC), their trash was a violation. And a costly one with a $300,640 fee attached. A security guard found a container with identifying information on the attached label. As a result, an investigation by the Department of Health...
Even though telephone conversations and answering machines are considered outdated or passe to some people, it remains necessary to sometimes leave a message for the intended call recipient. In healthcare, voice messages are often necessary for appointment reminders, follow-up calls, and communication to patients. Within the realm of HIPAA, what are you allowed to say?...
© 2023 · HIPAA Secure Now!
Recent Comments