What's the Tea in L&E? Can You Share An Employee's Medical Info?
Podcast: Discussing Information Blocking with Eddie Williams
Podcast: Keeping an Eye on HIPAA Trends with Shannon Hartsfield
A Zero Percent Error Rate: An Inspiring Story on How to Get There
Expanded Information Block Rules Go into Effect
Podcast: Interoperability: Information Blocking Claims and Enforcement - Diagnosing Health Care
Podcast: Interoperability: Health Care's Next Disruptor Is openEHR - Diagnosing Health Care
Podcast: Interoperability: A New Vision Through openEHR - Diagnosing Health Care
Taking the Pulse, A Health Care and Life Sciences Podcast | Episode 99: David Stefanich, Co-founder and CEO, Rymedi
Podcast: Interoperability - the Role of Health Information Exchanges - Diagnosing Health Care
Gerry Blass on Healthcare Vendor Risk Management
Hooper, Kearney and Macklin on Cutting Edge Topics in the False Claims Act
AGG Talks: Technology - In the Balance: Interoperability and Security
The New Information Blocking Rule: What It Means For Hospices
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
From NC State to Changing the State of Health Information Networks, with Medicom Technologies’ Malcolm Benitz
Exploring Digitization of Health and Medical Data and Records Part Two
Exploring Digitization of Health and Medical Data and Records Part One
Patient Records Requests: What You Need to Know
Electronic Medical Records: Help or Hindrance?
What's New? On May 28, 2025, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) announced an $800,000 settlement with a large Florida-based health care provider over potential violations of the...more
A healthcare provider delivering pain management services in Florida and other states faces a $1.19 million civil monetary penalty from the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR)....more
Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more
Research from Guidepoint Security found that 2023 saw an 80% increase in ransomware activity year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, the report...more
It is no secret that protected health information (or “PHI”) is more and more at risk for cybersecurity attacks. In 2022 (the most recent year this statistic is available), the Department for Health and Human Services Office...more
Last month, a cyberattack forced two New York hospitals to divert and even discharge some patients to other facilities, while the affected hospitals shut down their IT systems to address the issue and restore their secure...more
Healthcare risk doesn’t stop at the facility’s door. Covered entities have countless business associates (BA), each of which poses risks of its own. That, in and of itself, is a challenge, but Gerry Blass, President and CEO...more
The California Attorney General ("AG") has issued guidance reminding health care providers of their duty to report health care data breaches and to comply with other state and federal data privacy laws....more
Ransomware Particularly Inflicts Health Care and Life Sciences Organizations - Ransomware is a malicious cyber threat vector that employs encryption malware to prevent users from accessing their systems and data unless...more
Cyberattacks against healthcare providers accounted for 79% of all reported data breaches in 2020. (See here). The U.S. Department of Health and Human Services’ (HHS) Office of the Assistant Secretary for Preparedness and...more
Users of Universal Health Services (UHS), one of the largest healthcare systems in the country, recently lost access to electronic medical records when UHS suffered a ransomware attack and took its systems offline to...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
The U.S. Department of Health and Human Services (HHS) announced on July 23 that Metropolitan Community Health Services (Metro) paid $25,000 to HHS’s Office for Civil Rights (OCR) to resolve HIPAA violations. Metro, a...more
The Department of Health and Human Services (HHS) announced on April 2 that HHS is exercising its enforcement discretion to permit business associates to use and disclose protected health information (PHI) for public health...more
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services recently announced that 2018 was a significant year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. ...more
On February 7, 2019, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services published the resolution agreement for its final HIPAA settlement of 2018. ...more
In December 2018, twelve state Attorneys General ("AGs") jointly filed suit against Medical Informatics Engineering, Inc. (“MIE”) claiming it violated the Health Insurance Portability and Accountability Act and its related...more
The health care industry is racing to adopt cutting-edge technology to provide patients with the best treatment possible at the lowest possible cost. ...more
In the age of electronic medical records and ransomware attacks, recent focus with regard to HIPAA compliance seems to be on electronic security. How are your electronic medical records stored? Do you require two-factor...more
In the latest twist in a case that began last year, an administrative law judge (ALJ) agreed that a $4.3 million penalty, levied by the Office of Civil Rights (OCR) against the MD Anderson Cancer Center as a result of HIPAA...more
The health care industry continues to get hammered by SamSam ransomware attacks, to the point that the Department of Health and Human Services Healthcare Cybersecurity and Communications Integration Center (HCCIC) has issued...more
The virtual world offers opportunities and obligations not found in nature. For a couple of years, my wife has followed the adventures of a bonded eagle couple, Liberty and Freedom, residing in the hills near Hanover,...more
In an industry overrun with news of almost daily privacy breaches, what makes the Fresenius settlement especially newsworthy is the size of the fine compared to the size of the breach and the types of breaches involved....more
Verizon recently issued its Protected Health Information (PHI) Data Breach Report, which is always an interesting read. Not surprisingly, Verizon’s report concludes that based upon analysis of 1,360 security incidents...more
In the first settlement for HIPAA violations in 2018, Fresenius Medical Care North America (Fresenius) has agreed to pay $3.5 million to the Office for Civil Rights (OCR) to settle allegations against it relating to five data...more