Google Meet is an advanced VoIP and videoconferencing service that can be used by healthcare providers to provide telehealth services, remote consultations, and virtual patient visits. But is Google Meet HIPAA compliant? Google Meet is rapidly becoming the go-to videoconferencing service for organizations in all industries due to its integrations with other productivity tools in… Read More »
The HHS’ Office for Civil Rights (OCR) has agreed to settle three HIPAA investigations of potential HIPAA Right of Access violations by dental practices. All three of the investigations were initiated after complaints from patients about the failure of their dental practices to provide them with timely access to their medical records, with one of… Read More »
The answer to the question are phone calls HIPAA compliant can be dependent on who is making the call, what the call concerns and who the call is to. Before discussing are phone calls HIPAA compliant, it is important to establish who HIPAA applies to. This is because almost two-thirds of complaints about HIPAA violations… Read More »
The maximum penalty for violating HIPAA is currently $1,919,173 (September 2022). However, this figure represents the maximum penalty per violation type, and Covered Entities and Business Associates found guilty of multiple violations can expect to pay much more. When Congress passed HIPAA in 1996, it set the maximum penalty for violating HIPAA at $100 per… Read More »
In answer to the question can medical records be subpoenaed; the answer is yes because every type of record can be subpoenaed. Possibly a more relevant question would be “how should healthcare providers respond to a subpoena for medical records”? In most states, there are three types of subpoenas – a “witness subpoena” that requires… Read More »
Lubbock Heart & Surgical Hospital in Texas has recently announced it was the victim of a hacking incident that resulted in disruption to the operations of some of its IT systems. The cyberattack was detected by the hospital on July 12, 2022, and immediate action was taken to contain the incident and prevent further unauthorized… Read More »
One of the capabilities of many business password managers is the ability to send encrypted messages to any recipient. Often this capability is used to securely share login credentials or other confidential data. But is it okay to share ePHI via a business password manager? Over the past few years, the capabilities of business password… Read More »
The Physicians’ Spine and Rehabilitation Specialists of Georgia (PSRSG) has notified 38,765 patients that some of their protected health information has potentially been compromised in a cyberattack that occurred on or around July 11, 2022. A team of external cybersecurity experts was engaged to assist with the investigation and remediation efforts, and its systems were… Read More »
What happens after a HIPAA complaint is filed can vary according to who it is filed with, whether or not the complaint is justified, and the nature of the complaint. When you register with a healthcare provider or become a member of a group health plan, you are given a Notice of Privacy Practices. The… Read More »
The ISO 27001 standard is currently being updated and the latest version is due for publication next month. The early indications are that, although the control domains will be significantly revised, there are only minor changes expected to the ISO 27001 password management controls. The ISO 27001 standard is an international information security standard jointly… Read More »