A study (registration required) by two data security firms, Norse in Silicon Valley and SANS, discussed in a recent L.A. Times article, confirms the concerns raised by the FDA and others about increased use of internet-connected medical devices by healthcare providers and the corresponding increase in the information systems of those providers being attacked,
Employee’s Unauthorized Texting of Confidential Health Information May Impose Employer Liability
Written by Jeffrey M. Schlossberg
When does a medical clinic’s employee’s unauthorized texting of patient confidential health information result in liability to the clinic? The answer; it depends.
In Doe v. Guthrie Clinic, Ltd., the Second Circuit Court of Appeals dismissed a patient’s claim against a medical corporation for alleged breach of fiduciary duty
Top 14 for 2014
In honor of National Data Privacy Day, we provide the following “Top 14 for 2014.” While the list is by no means exhaustive, it does provide critical areas businesses will need to consider in 2014.
- Location Based Tracking. As the utilization of GPS enable devices becomes more and more prevalent, employers are often faced
OCR Responds To Critical OIG Report About the Extent of OCR’s HIPAA Enforcement
A report issued by the Department of Health and Human Services Office of Inspector General (“OIG”) concludes that the Office for Civil Rights (“OCR”) did not meet all of its federal requirements for oversight and enforcement of the HIPAA Security Rule. While the report noted OCR met some of these requirements, it also found that:
Another Small Healthcare Provider Settles Potential HIPAA Violations Following Data Breach, Office For Civil Rights Announces
A familiar story – small health care provider suffers a data breach affecting patient data, reports incident to the federal Office for Civil Rights (OCR) and winds up becoming subject to an OCR investigation that goes well beyond the breach itself, resulting in a significant settlement payment and corrective action plan.
In this case,
Google Glass in the Workplace
WSJ reported on November 22, 2013, Google’s push to move Google Glass, a computerized device with an “optical head-mounted display,” into the mainstream by tapping the prescription eyewear market through VSP Global—a nationwide vision benefits provider and maker of frames and lenses. If the speed and immersion of technology over the past few years
Healthcare.gov Not Secure, According to IT Security Experts
According to testimony before the House Committee on Science, Space, and Technology and warnings from IT security experts, individuals using the federal government’s website to obtain health coverage through the Exchange are likely putting the security of their sensitive personal information at significant risk. Reports about the cost of the federal website vary,
CMS Seeks Emergency Review and Approval of its One-Hour Breach Notification Rule for Exchanges
Today, the Centers for Medicare and Medicaid Services (CMS) requested an "emergency review" of its recently proposed rule that "[Federally-facilitated Exchanges or FFEs], non-Exchange entities associated with FFEs, and State Exchanges must report all privacy and security incidents and breaches to HHS within one hour of discovering the incident or breach."
Check Out Our Webinar Addressing the HIPAA, HITECH Omnibus Regulations
Click on the link in this post for high-level compliance roadmap concerning the Omnibus Privacy Rule under HIPAA and HITECH for covered plans, providers and business associates.
Continue Reading Check Out Our Webinar Addressing the HIPAA, HITECH Omnibus Regulations
Wellpoint pays $1.7 Million to Settle Potential HIPAA Violations
Breach involving software upgrade to online application system leads to allegations of HIPAA privacy and security failures, and a $1.7 million settlement payment to HHS.
Continue Reading Wellpoint pays $1.7 Million to Settle Potential HIPAA Violations