fbpx

HIPAA Archives

  • The FBI and the federal Cybersecurity and Infrastructure Security Agency (CISA) have issued a ransomware awareness alert for the upcoming holiday weekend. The FBI and CISA have observed a trend of increased attacks around U.S. holidays. Businesses are more vulnerable when there are fewer workers in the office or workers are more distracted than usualRead more…

  • August 2021 A covered entity recently discovered that a former employee had “snooped” (inappropriately accessed) over 10,000 patient records almost 4 years after the snooping began. The employee accessed the records in the EHR over a period of about 14 months. That’s over 700 records per month. The snooping went undetected until the former employeeRead more…

  • Patients and physicians who have the devices listed below and use the mylife Cloud and/or mylife Mobile Application should update to the current version of the application and update account passwords ASAP. The app is not sufficiently protecting usernames and passwords making their data vulnerable to exposure/hacking. https://us-cert.cisa.gov/ics/advisories/icsma-21-196-01 mylife website: https://www.mylife-diabetescare.com/en/products/therapy-management/mylife-digital.html mylife Diabetescare devices: YpsomedRead more…

  • What is information blocking? Anything a healthcare provider knows is likely to interfere with the ability of a patient or other authorized person(s) to access, exchange, or use electronically protected health information (ePHI). Taking longer than allowed to respond to patients’ requests for access to their records, or not responding at all. Charging patients aRead more…

  • Some healthcare organizations have received postcards that appear to be from the OCR that they are required to participate in a “Required Security Risk Assessment” and they are to send their risk assessment to a website. This is not from the OCR or the U.S. Department of Health and Human Services, it is an advertisementRead more…

  • Healthcare providers are not required to do anything new or buy new software to comply with the upcoming Information Blocking Rule issued by the HHS Office of the National Coordinator for Health Information Technology (ONC). However, understanding how your current policies and procedures could conflict with the rule’s requirements is a good exercise to startRead more…

  • If you use an on-premises Microsoft Exchange Server, it is important to reach out to your IT Support immediately to be sure updates are installed to boost your cybersecurity and protect against recently discovered critical security vulnerabilities. The vulnerabilities allow an attacker to compromise your network and steal information, encrypt data for ransom, or evenRead more…

  • Last month HHS released a set of proposed upcoming changes to the HIPAA Privacy Rule. Anyone can review and submit comments about the proposed changes until March 22, 2021. After that, HHS will review all comments and make any changes they feel are necessary and issue a final rule that will require compliance. This canRead more…

  • When a minor becomes an adult, they become the owner of their medical record.  Here are a couple of things to consider: When does a minor become an adult; What does the practice need to do to ensure proper handling of the record according to HIPAA. A minor can become an adult in several ways.Read more…