HIPAA

Data Breaches in Healthcare and the Rising Risk of Class Action Litigation Data breaches in healthcare continue to increase in frequency and severity, and they are increasingly followed by class action lawsuits against medical practices and healthcare systems. These lawsuits represent a significant financial and operational risk for covered entities and business associates alike.

Prepare for the Next Network or System Outage: Ensure Continuity of Patient Care Healthcare practices rely heavily on electronic systems for managing patient care, scheduling, documentation, prescriptions, referrals, billing, and communication. Unexpected outages—whether caused by cyberattacks, natural disasters, software errors, or network failures—can have a drastic impact on patient care and business operations. Because of this, having a comprehensive plan to respond to downtime is essential. This plan is known as your downtime contingency plan.

Were you using NextGen in 2023 and did your practice experience a data breach? Your patients may be eligible to join a class action lawsuit against NextGen. According to Claim Depot

Cyberattacks targeting health care organizations are on the rise. According to OCR Director Melanie Fontes Rainer, securing electronic protected health information (ePHI) is more important than ever. Organizations that fail to address known vulnerabilities put patient data—and their reputation—at risk.

TriZetto Provider Solutions is a healthcare IT subsidiary of Cognizant Technology Solutions that provides revenue cycle management and claims processing services to physicians, hospitals, and health systems. Trizetto has experienced a significant data breach of patient information.

Maintaining good email security is an important factor in keeping your network secure and your patient information safe. Statistics show that 75-90% of cyberattacks start with a phishing email, making it the top delivery method for malware and/or ransomware. Email Security needs to be addressed whether or not emails are used to send patient information. Any time anyone, an employee or a patient, sends or receives emails on your network, that is an access point to your network. In order to protect your network, we need to determine what security protocols are in place to ensure nothing malicious is able to piggy-back on the email connections.

HHS’ Office for Civil Rights Settles HIPAA Right of Access Investigation with Concentra, Inc.

Did you know that your certified EHR has audit logs? Other software that your office uses may also have audit logs. You can enable audit logs to track activity on your network and on your computers.

I’d like to share a personal experience that has made me so grateful to have HIPAA. I understand and sympathize with that burden HIPAA places on providers and practices. At TLD Systems we do our best to minimize that burden, educate you about your responsibilities and help you to meet the HIPAA requirements. My experiences reminded me that HIPAA is about protecting patents, and at some point we are all patients.

Screen all employees at the time of hiring and every month for the List of Exclude Individuals/Entities. A current employee can end up on the exclusions list at any time so it is important to regularly check to see if they are on the exclusions list.