GAO: HHS Should Strengthen Oversight of Medicare Telehealth and Help Providers Communicate Privacy Risks

The Government Accountability Office (GAO) recently conducted a review of Medicare telehealth services provided during the COVID-19 pandemic, when a waiver was in place that greatly expanded access to telehealth and virtual visits. The review covered the utilization of telehealth services, how the CMS identified and monitored risks under the Medicare waivers, and how the…

Humana Members Impacted by Choice Health Data Breach

Humana has recently announced that the protected health information of 22,767 individuals has potentially been compromised in a security incident and data breach at one of its business associates – Choice Health – which Humana used to sell Medicare products on its behalf. On May 18, 2022, Choice Health learned that a Choice Health database…

Healthcare Industry Warned About Risk Posed by APT41 Threat Group

The Health Sector Cybersecurity Coordination Center (HC3) has issued a warning about the Chinese state-sponsored threat actor tracked as APT41. The group has been active since at least 2012 and has a history of targeting the healthcare sector, as well as education, high-tech, media, retail, software, pharma, telecoms, video games, travel services, and virtual currencies,…

Vulnerability Identified in Medtronic MiniMed 600 Series Insulin Pumps

The Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have issued a warning about a recently discovered vulnerability that affects certain Medtronic insulin pumps. The flaw could be exploited by a malicious actor to manipulate patients’ insulin doses, resulting in too much or too little insulin being delivered. The vulnerability…

Monkeypox Phishing Campaign Targets Healthcare Providers

A warning has been issued to the healthcare and public health (HPH) sector about an ongoing Monkeypox phishing campaign targeting U.S. healthcare providers that attempts to steal Outlook, Office 365, and other email credentials. Monkeypox is a highly contagious viral disease caused by a virus from the same family as smallpox. According to the Centers…

Is Google Meet HIPAA Compliant?

Google Meet is an advanced VoIP and videoconferencing service that can be used by healthcare providers to provide telehealth services, remote consultations, and virtual patient visits. But is Google Meet HIPAA compliant? Google Meet is rapidly becoming the go-to videoconferencing service for organizations in all industries due to its integrations with other productivity tools in…

3 Dental Practices Fined for HIPAA Right of Access Violations

The HHS’ Office for Civil Rights (OCR) has agreed to settle three HIPAA investigations of potential HIPAA Right of Access violations by dental practices. All three of the investigations were initiated after complaints from patients about the failure of their dental practices to provide them with timely access to their medical records, with one of…

Are Phone Calls HIPAA Compliant?

The answer to the question "are phone calls HIPAA compliant?" can depend on who is making the call, what the call concerns, and who the call is to. Before discussing whether phone calls are HIPAA compliant, it is important to establish who HIPAA applies to. This is because almost two-thirds of complaints about HIPAA violations…

What is the Maximum Penalty for Violating HIPAA?

The maximum penalty for violating HIPAA is currently $1,919,173 (September 2022). However, this figure represents the maximum penalty per violation type, and Covered Entities and Business Associates found guilty of multiple violations can expect to pay much more. When Congress passed HIPAA in 1996, it set the maximum penalty for violating HIPAA at $100 per…