HIPAA

Alameda Health Systems in California recently reported a patient data breach that impacted the information of approximately 90,000 patients. This breach involved unauthorized access to the email accounts of email accounts. This enabled the hackers to use the email accounts to gain access to the patient information.

Cybersecurity threats in 2021 were the largest ever. Experts anticipate that the digital environment in 2022 will be even more dangerous. The American Dental Association was hit by a cyberattack that stole personal information and disrupted services.

The Department of Health and Human Services has established a program known as 405(d). This program is intended to enhance cybersecurity and align industry approaches by developing a common set of voluntary, consensus-based, and industry-led cybersecurity guidelines, practices, methodologies, procedures, and processes that healthcare organizations can use.

Patients have filed a lawsuit against SuperCare over a HIPAA Breach. SuperCare failed to maintain adequate security to protect patient records.

The US Government has issued warnings regarding Russian hackers. Internationally the government has been working to stop these attacks including a major hub that sold stolen medical information. Understand how these risks affect your office and what we can do to prevent future attacks.

The public health emergency is extended until April 16, 2022.

Understand what a Business Associate is, how to determine if an entity is a Business Associate or Covered Entity and the Business Associate Agreement.

The most recent breach was reported by QRS Healthcare Solutions who has the EHR product Paradigm. What does this mean and what can you learn to protect your practice?

There are allegations that a ransomware attack at a medical center contributed to the death of an infant. An article in the Wall Street Journal discusses a lawsuit that has been filed against Springhill Medical Center in Alabama, for the death of an infant. This is the first know lawsuit against a medical provider for an injury or death related to the EHR being unavailable due to ransomware.