South Denver Cardiology Associates (SDCA) has recently announced it was the victim of a cyberattack in January 2022 in which files containing patient information were accessed and potentially stolen by hackers. Unusual network activity was detected on January 4, 2022, and the SDCA breach response process was immediately initiated. Systems were isolated from the network… Read More »
Although the answer to the question is HIPAA is federal law is yes, there are occasions when HIPAA is pre-empted by state laws or other federal laws – adding to the complexity of compliance. When the Healthcare Insurance Portability and Accountability Act was passed in 1996, most references to preemption appeared in the Group Health… Read More »
Legal action is being taken against Logan Health and subsidiary, sister, and related entities of Logan Health over a data breach that occurred in 2021 and affected 213,543 Logan Health Medical Center patients. The class action lawsuit was filed in the U.S. District Court for the District of Montana Great Falls Division by law firm… Read More »
Protenus has released its 2022 Breach Barometer Report which confirms 2021 was a particularly bad year for healthcare industry data breaches, with more than 50 million healthcare records exposed or compromised in 2021. The report includes healthcare data breaches reported to regulators, as well as data breaches that have been reported in the media, incidents… Read More »
Posted, a provider of AI-driven tools to ease the administrative burden on healthcare providers, has been confirmed as having implemented an effective HIPAA compliance program by Compliancy Group. Posted provides predictive analysis, price transparency, and medical billing and claims services to healthcare providers, which naturally sees the company provided with patients’ protected health information (PHI).… Read More »
The Mauldin SC-based IT company, Ruffian Software, has completed Compliancy Group’s HIPAA compliance process and has been confirmed as having implemented an effective HIPAA compliance program. Ruffian Software protects the networks, systems, and data of managed IT providers and their clients through automated privileged account management. The company has developed a platform for creating, managing,… Read More »
The text of the Healthcare Insurance Portability and Accountability Act is full of HIPAA exceptions – adding to the complexity of complying with the Act and often resulting in organizations and public agencies applying far more stringent restrictions than necessary. In 2007, the Reporters Committee for the Freedom of the Press published a Guide to… Read More »
A round-up of 6 cyberattacks that have recently been reported by healthcare providers and business associates that resulted in the exposure and possible theft of patients’ protected health information. Duncan Regional Hospital Duncan Regional Hospital in Oklahoma has announced that hackers gained access to its systems and potentially exfiltrated sensitive patient and employee information. The… Read More »
Requirements to implement HIPAA safeguards appear more often in the text of the Healthcare Insurance Portability and Accountability Act than is often acknowledged. While many sources are aware of the Administrative, Physical, and Technical Safeguards of the Security Rule, less specific requirements relating to HIPAA safeguards also appear in the Privacy Rule. Compared to specific… Read More »
Over 500,000 individuals have been affected by cyberattacks on Norwood Clinic, PracticeMax, Central Indiana Orthopedics, and an unauthorized electronic medical record incident at Ascension Michigan. Norwood Clinic The Birmingham, AL-based multi-specialty clinic, Norwood Clinic, has recently started notifying 228,103 individuals that some of their protected health information was accessed in a cyberattack that was detected… Read More »