As we continue to examine the final HIPAA privacy and security regulations, as amended by the HITECH Act and the Genetic Information Nondiscrimination Act, we pulled together a summary of some of the key points. We fully expect additional sub-regulatory guidance to be provided by OCR, such as frequently asked questions and sample business
Data Security
Top 13 for 2013 – Happy Privacy Day
Top 13 data privacy and security issues for 2013…
Continue Reading Top 13 for 2013 – Happy Privacy Day
Final HIPAA/HITECH Privacy and Security Regulations Released
Final HIPAA regulations are out……
Continue Reading Final HIPAA/HITECH Privacy and Security Regulations Released
Privacy on the Go: California’s Recommendations for Mobile Device/App Privacy and Security
In 2012, California took significant steps to increase privacy protections for users of mobile applications (apps) which involved working with companies such as Amazon, Apple, Facebook, Google, Hewlett-Packard, and Microsoft. In July 2012, the Attorney General created the Privacy Enforcement and Protection Unit, with the mission of protecting the inalienable right to privacy conferred by the…
Massachusetts AG Coakley Announces $140K Settlement Following Public Dumping of HIPAA PHI by Medical Billing Service Provider
Medical billing company’s alleged dumping of medical records results in $140K settlement with Massachusetts Attorney General.
Continue Reading Massachusetts AG Coakley Announces $140K Settlement Following Public Dumping of HIPAA PHI by Medical Billing Service Provider
Are Cloud Service Providers Business Associates under HIPAA and the HITECH Act?
Is your cloud service provider HIPAA-compliant?
Continue Reading Are Cloud Service Providers Business Associates under HIPAA and the HITECH Act?
Start 2013 On The Right Foot – Assess Your Organization’s Information Risk
The $50,000 in penalties that the Office for Civil Rights (OCR) recently imposed on a health care provider in Idaho was due in part to allegations that the HIPAA covered entity had not conducted a risk assessment as required under the HIPAA privacy and security regulations. Of course, HIPAA is not the only law that requires a risk…
Small HIPAA Breach (Affecting Fewer Than 500) Leads to Substantial Penalties
HIPAA data breach affecting 441 patients leads to investigation resulting in $50K in penalties due to alleged lapses in security compliance.
Continue Reading Small HIPAA Breach (Affecting Fewer Than 500) Leads to Substantial Penalties
California AG Begins Enforcing the State’s Online Privacy Protection Act for Websites, Aps
California AG begins enforcing the state’s Online Privacy Protection Act which requires commercial operators of online services, including websites and mobile and social apps, that collect personally identifiable information from Californians to conspicuously post a privacy policy.
Continue Reading California AG Begins Enforcing the State’s Online Privacy Protection Act for Websites, Aps
Sandy – A Reminder to Adopt/Reevaluate Your Disaster Recovery Plan
The effects of a hurricane like Sandy should be a reminder to all businesses of the importance of disaster recovery planning. When these storms threaten there is no shortage of images of sandbags and plywood being used to prevent harm to companies’ bricks and mortar. However, rarely do we see steps businesses should be taking to protect…