HIPAA & Healthcare Compliance Blog

It should be well understood that malicious cyber activity threatens the public’s safety and our national and economic security. The threat of cybercrime is such that the Federal Government has made the FBI the lead federal agency for investigating cyber-attacks and intrusions. In addition to the FBI, the Federal Government has other agencies and legislation …

Cyber Security and HIPAA Read More »

As stated in the Homeland Security website: "Across the country, in our communities, we share everyday moments with our neighbors, family, coworkers, and friends. We go to work or school, the grocery store, or the gas station. It's easy to overlook these routine moments, but as you're going about your day, if you see something …

Security Incidents Read More »

In the article "How to Keep Unwanted Eyes From Spying on Your Security Cameras" dated September 16, 2019, Ms. Rachel Cericola mentioned stories about families hearing voices and threats coming from their home's security devices. This incident is not uncommon as the news has discussed this topic and even shown actual videos of hackers accessing …

Common HIPAA Security Threats Read More »

Access to information through the internet has become more and more in demand. This need has particularly accelerated since last year, 2020, when the COVID-19 pandemic started, with most people being homebound due to quarantine restrictions. The use of teleconsultation is one of the modern healthcare technologies and practices that has soared due to the …

Telecommunication and Cybersecurity Read More »

Malware is a term created to encompass a wide variety of types of malware such as computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, and scareware. The problem with malware is that these programs continue to evolve on a continuous basis, with each iteration becoming more dangerous. For Calendar Year 2020, Safety Detectives …

Malware Read More »

SCENARIO #1. Disgrunted employee decides to get even with the company. Employee has access to case records and opts to delete all of them. Organization is unable to pinpoint nor prove who did it as everyone in the company has the same login and password. HIPAA Solution: UNIQUE USER IDENTIFICATION (R) - § 164.312(a)(2)(i) SCENARIO …

Access Controls Scenarios and Solutions Read More »

Top Cybersecurity for 2020 include: Data breaches exposed 4.1 billion records in the first half of 2019. (RiskBased) 71% of breaches were financially motivated and 25% were motivated by espionage. (Verizon) 52% of breaches featured hacking, 28% involved malware and 32–33% included phishing or social engineering, respectively. (Verizon) The most common causes of data breach: …

Cyber Security Read More »

45 CFR § 164.528 HIPAA Privacy Rule currently requires covered entities to make available, upon request, an accounting of certain disclosures of an individual’s PHI made up to six years prior to the request. Accounting should include date, name of recipient (and address, if known), brief description of the PHI disclosed and purpose of disclosure. …

Accounting of Disclosures Read More »

There is a hacker attack every 39 seconds https://www.securitymagazine.com/articles/87787-hackers-attack-every-39-seconds Over 75% of healthcare industry has been infected with malware over last year https://www.prnewswire.com/news-releases/report-reveals-healthcare-industry-lacking-in-basic-security-awareness-among-staff-putting-entire-medical-infrastructure-at-risk-300352485.html 95% of cybersecurity breaches are due to human error https://www.cybintsolutions.com/employee-education-reduces-risk In 2018 hackers stole half a billion personal records https://www.nbcnews.com/business/consumer/you-ve-been-breached-hackers-stole-nearly-half-billion-personal-n966496 Phishing, ransomware and crypto jacking are the 2019 most significant cybersecurity threats …

Cyber Security Facts Read More »

From the Department of the US Navy the definition of Cyber Tools is – “A program used for software development or system maintenance. Virtually any program or utility that helps programmers or users develop applications or maintain their computers can be called a tool.” In short, cyber crime continues to increase. Cyber criminals use a …

Cyber Tools Read More »

A new Fact Sheet was recently issued by the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) enumerating a list of HIPAA rule prohibitions that deems the Business Associate directly accountable and subject for enforcement action. A “Business Associate” under the HIPAA Privacy Rule, is defined as “a person or …

HHS OCR Issued New Fact Sheet Concerning Business Associates Direct Liability Under HIPAA Read More »

Common experience and our data† suggest that the offices/entities/practitioners subjected to HIPAA and Medicare billing (ACA/OIG) audits and fines and healthcare office OSHA audits and inspection are in the following relative percentages: HIPAA – 35.9% Medicare ACA/OIG – 56.1% OSHA – 8.0% Discussion: Although HIPAA fine exposure is relatively low compared to Medicare audit exposure, …

What are your risks of audit and fine: HIPAA, Medicare, OSHA for Healthcare† Read More »

The Occupational Safety and Health Regulation (OSHA) Act has been in place since 1970. With its strict and comprehensive regulations and standards it is expected that most, if not all, of the safety aspects in each employees respective workplaces are well guarded. However, safety in workplaces is a two-way street, so to speak.In one hand, …

Poor Healthcare Workplace Safety Performance According to Latest Data Read More »

HIPAA requirements may just be as complex, at times hard to sort out and thoroughly complete as majority of the people under the healthcare industry experiences. A published settlement by the U.S. Department of Health & Human Services (HHS) on April 2017 showed a wireless health services provider based in Pennsylvania was found non-compliant to …

Perspective: HIPAA Requirements, Accountability vs. Liability Read More »

People who work in the healthcare industry have time and time again been educated and undergone training exhaustively on the principles and application of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). But just as the sun always rises in the east, it is not always easy to foolproof oneself, nor a process …

HIPAA Blunders: Hard Lessons to Learn Read More »