With 2017 having drawn to a close, it is once again time for HIPAA covered entities to complete their annual breach reporting obligations to the U.S. Department of Health & Human Services Office for Civil Rights (“OCR”). Whereas covered entities … Continue Reading
The U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) recently issued guidance emphasizing the increased risks of using mobile devices in the workplace when the mobile devices contain or have access to sensitive data. Particularly, OCR … Continue Reading
There are inherent risks in any vendor relationship. In the healthcare industry, with myriad regulatory pitfalls, the stakes can be even higher. Several customers of the cloud-based electronic health record (EHR) software vendor eClinicalWorks were relieved by a recent decision… Continue Reading
The U.S. Department of Health & Human Services (HHS) issued a recent report noting that cybersecurity is a key public health concern that needs “immediate and aggressive attention.” Shortly thereafter, HHS’ Office for Civil Rights (OCR) released a checklist of … Continue Reading
The Department of Health and Human Services Office for Civil Rights (OCR) issued long-anticipated guidance to help covered entities and their business associates — including cloud service providers (CSPs) — comply with the Health Insurance Portability and Accountability Act (HIPAA) … Continue Reading
Look no further than the last three weeks for proof that HIPAA enforcement is on the rise.
Failure to maintain the security of information systems containing patient information has cost healthcare providers over $10 million in recent settlements of alleged … Continue Reading
Ransomware attacks appear to be increasing in frequency as well as severity. Ransomware is malicious software that encrypts data until a ransom is paid to the hacker. For healthcare providers, the inability to access electronic health records systems due to … Continue Reading