It is back-to-school season, and The Healthcare Compliance Pod is going back to school too! Each week in August, we’re discussing one fundamental basic compliance obligation for healthcare providers, centered exclusively on...more
In celebration of the back-to-school season, the Healthcare Compliance Podcast is launching a new Back to Basics series—this time with a focus on patient rights under HIPAA. Each Thursday in August, the podcast will cover a...more
“Almost every stage of modern healthcare relies on stable and secure computer and network technologies.”
The above is a direct quote from the Office of Civil Rights for Health & Human Services (“OCR”) in its proposed...more
1/31/2025
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Technology ,
Healthcare ,
HIPAA Security Rule ,
OCR ,
Patient Privacy Rights ,
Risk Management
In healthcare, compliance issues can quickly escalate into compliance nightmares, with serious implications for patient safety, legal liability, and an organization’s reputation. Among the most common compliance nightmares...more
Effective December 23, 2024, HIPAA-covered entities and their business associates will be required to comply with new restrictions on how protected health information may be used and disclosed for certain purposes relating to...more
On March 27, 2020, Congress enacted the Coronavirus Aid, Relief & Economic Security Act (CARES Act) which included provisions requiring the U.S. Department of Health & Human Services (“HHS”) to better align the federal...more
One of the fundamental compliance requirements for healthcare providers is protecting the confidentiality and security of the patient health information you maintain. Most healthcare providers are subject to a federal law...more
The healthcare industry remains a popular target for ransomware attacks. If you haven’t been impacted by a ransomware attack, it’s likely only a matter of time before someone you do business with or buy services from is...more
6/10/2024
/ Business Associates ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Security ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Information Technology ,
Popular ,
Ransomware
At the Health Care Compliance Association’s recent Annual Compliance Institute in Nashville, artificial intelligence (AI) dominated the conversation.
A common theme: how does the compliance officer keep pace with this...more
5/13/2024
/ Artificial Intelligence ,
Compliance Management Systems ,
Electronic Medical Records ,
Employee Handbooks ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Innovative Technology ,
Machine Learning ,
Patient Safety ,
PHI ,
Policies and Procedures ,
Risk Assessment
On July 7, 2023, the Consumer Financial Protection Bureau, U.S. Department of Human Services, and U.S. Department of Treasury (collectively, the “agencies”) launched an inquiry into high-cost specialty financial products...more
The use of telehealth and remote communication technologies has skyrocketed since the start of the COVID-19 pandemic. At the beginning of the pandemic, the Office of Civil Rights for Health and Human Services (“OCR”) notified...more
The Coronavirus Aid, Relief & Economic Security Act (CARES Act) contains numerous regulatory and payment reforms aimed at bolstering the health care industry and its COVID-19 response efforts. Although far from complete, the...more
A small county in Washington has agreed to pay $215,000 to settle allegations that it violated HIPAA by failing to secure electronic protected health information. Skagit County maintained protected health information (“PHI”)...more
HHS recently announced that it fined a dermatology practice $150,000 for failing to reasonably safeguard an unencrypted thumb drive and failing to conduct an accurate and thorough risk analysis of electronic PHI....more
Affinity Health Plan has agreed to pay more than $1.2 million to settle potential violations of the HIPAA Privacy and Security Regulations....more
A small non-profit hospice in Idaho agreed to pay $50,000 to settle allegations that it violated the HIPAA security regulations. The allegations stemmed from a report made to HHS by the hospice after a laptop containing...more
Yesterday, the U.S. Department of Health and Human Services (HHS) released the long-awaited final rules implementing changes to the HIPAA privacy and security rules enacted in 2009 by the HITECH Act....more