Various healthcare industry studies have shown that an alarming number of medical practices are not prepared to be HIPAA compliant. For example, certain surveys indicated roughly 1/3 of respondents had not conducted a HIPAA-required risk analysis. HIPAA ruling 164.308(a)(1)(ii)(A) requires a medical practice (covered entity) to periodically perform a thorough risk analysis. Meanwhile, The U.S. […]
Attorney generals and district attorneys around the country, are increasingly taking HIPAA violations seriously. Criminal charges for violating HIPAA are serious. You should know that the federal government can bring criminal charges against companies and company employees under the Health Insurance Portability and Accountability Act (HIPAA). Attorney generals and district attorneys around the country, are
Violating HIPAA regulations is a Crime that Can Lead to Serious Penalties read more »
Phishing emails usually appear to come from a well-known organization and ask for your personal information – such as credit card number, social security number, account number or password. Often times phishing attempts appear to come from sites, services, and companies with which you do not even have an account. More information about phishing emails
In the wake of two recent global ransomware attacks, Airway Oxygen Inc., a privately held Michigan-based medical equipment provider reported that the mid-April ransomware attack had more than 500,000 patient records compromised. In what is believed to be one of the most severe ransomware attacks on healthcare information in 2017, over half-a-million patient records including
As a provider of IT managed services to medical practices and other small and medium businesses predominantly in New Jersey, we continue to see numerous examples HIPAA (Health Insurance Portability and Accountability Act) violations that are risking medical practice profitability and viability. We encounter many practices that are not aware the financial and operational risks
HIPAA Breaches and Penalties Proliferate in New Jersey read more »
In September of 2015 Cancer Care Group, P.C, a radiation oncology private physician practice, with 13 radiation oncologists serving hospitals and clinics throughout Indiana, agreed to pay a $750,000 penalty corresponding to a breach in 2012. In conjunction to the monetary fine, Cancer Care Group, P.C has agreed to adopt an action plan to correct
$750,000 HIPAA settlement emphasizes the importance of risk analysis read more »
So, your practice may have achieved the coveted HIPAA compliance. Congratulations – now you must maintain it! Maintaining a consistent HIPAA compliance program is a critical part of ongoing compliance, which includes documentation, proactive risk management, privacy and security operations and periodic self-audits. 7 Steps of HIPAA Compliance Maintenance Promote and nurture culture of compliance
Here is a list of 11 mobile apps that can assist medical practitioners in their daily workflow, listed in alphabetical order. AgileMD Platform: iOS, Android Price: ranges from free to individuals to share with up to 20 clinicians, to $75,000+ annual subscription to health systems (2+ departments/sites) with unlimited clinicians. AgileMD is a web, mobile,
11 Great Mobile Apps for Doctors and Medical Professionals read more »
For the first time criminal hacking is the number one root cause of the of data breaches (45%), replacing the lost or stolen computing devices as the main cause(43%), as Ponemon Institute reports the results of a Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data survey funded by a data breach response
Health care data breach spike hits all-time high read more »
In a historic data breach hackers have stolen information on tens of millions records of the insurance company Anthem Inc.. The information hacked from Anthem, Inc. includes patient’s birthdays, medical IDs, social security numbers, mailing and e-mail addresses. Even employment information, and, possibly, individual’s income data was stolen. While Anthem puts accent on the statement
HIPAA Final Rule The HIPAA Final Rule, released January 17, 2013, taking effect March 26, 2013, must be implemented by Covered Entities and Business Associates by September 23, 2013, which has already passed. One requirement is to train all workforce members. Even those familiar with HIPAA policies will need retraining, according to HHS Office of
Medical practices that do not take proactive steps towards becoming HIPAA compliant do so with great risk, and sometimes are being misguided about a mandate to be compliant. Here are 12 common misconceptions about HIPAA you must be aware of: 1. “I can’t afford being compliant.” Yes, you may need to spend money to
High-risk medical technology has been found to be infected by computer viruses and malware, health and security experts stated. The warnings were given as part of a panel discussion in Washington DC, as reported by Technology Review from the Massachusetts Institute of Technology. Here is one example of how the systems can be affected by viruses
Cybersecurity for Networked Medical Devices: Computer viruses and malware on the rise read more »
I recently came across an article that highlighted a five doctor, Arizona based cardiac surgery practice, that was fined $100,000 by the Division of Health and Human Services (HHS) for violating the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. The small firm was keeping their patient appointment calendars on a public
HIPAA Privacy and Security Rules Compliancy is a Must! read more »
