Category Archives: Latest Posts

GAO: HHS Should Establish Mechanism for Obtaining Feedback on HIPAA Data Breach Reporting Process

The Government Accountability Office (GAO) has recommended that the Department of Health and Human Services (HHS) establish a feedback mechanism to improve the effectiveness of its data breach reporting process. The Health Information Technology for Economic and Clinical Health (HITECH) Act, part of the American Recovery and Reinvestment Act of 2009, called for the Secretary of… Read More »

Multiple Class Action Lawsuits Filed Against MCG Health Over Data Breach

Multiple class action lawsuits have been filed against the Seattle-based Hearst Health subsidiary, MCG Health, over a data breach that has affected at least 10 healthcare organizations including Indiana University Health, Lenoir Health Care, Phelps Health, and Jefferson County Health Center. The data breach was reported to the HHS’ Office for Civil Rights on June… Read More »

Free HIPAA Compliance Checklist

HIPAA Journal has partnered with The Compliancy Group to provide a HIPAA compliance checklist. Complete the form below to view the checklist immediately.           The post Free HIPAA Compliance Checklist appeared first on HIPAA Journal.

Warning Issued About 3 High-Severity Vulnerabilities in OFFIS DICOM Software

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory for the healthcare and public health sector warning about three high-severity vulnerabilities in OFFIS DCMTK software. The software is used for examining, constructing, and converting DICOM image files, handling offline media, and sending and receiving images over a network connection. The vulnerabilities affect… Read More »

Podium Confirmed as HIPAA Compliant

Podium, a Lehi, UT-based Software-as-a-Service company that provides business text messaging solutions for local businesses, has achieved HIPAA compliance with Compliancy Group. Podium is redefining the way patients interact with their local healthcare businesses. Through Podium’s robust business text messaging platform, healthcare organizations can text patient leads and current patients, leverage bulk texting for providing… Read More »

American Data Privacy and Protection Act Establishes GDPR-like Federal Data Privacy and Protection Standards

Earlier this month, a draft bipartisan bicameral bill was introduced that seeks federal data privacy and protection regulations, which would replace the current patchwork of data privacy laws in different U.S. states. The American Data Privacy and Protection Act (ADPPA) was introduced by Energy and Commerce Committee Chair Frank Pallone, (D-NJ), Ranking Member Cathy McMorris… Read More »

5 Security Breaches Reported in Which PHI was Potentially Compromised

Patient Information Potentially Compromised in Atrium Health Phishing Attack A phishing incident has been reported by Charlotte, NC-based Atrium Health that exposed the protected health information of 6,695 patients who used its home health service, Atrium Health at Home. On April 7, 2022, an employee responded to a phishing email and disclosed credentials for an… Read More »

5 HIPAA-Regulated Entities Announced Hacking Incidents that Exposed PHI

PHI of Almost 69,000 Individuals Compromised in Hacking Incident at Comstar Comstar, a Rowley, MA-based provider of ambulance billing, collection, ePCR Hosting, and client/patient services, has discovered an unauthorized third-party gained access to some of its servers which housed files that contained individuals’ personally identifiable and protected health information. Some of those files were confirmed… Read More »