HIPAA

Cybersecurity threats in 2021 were the largest ever. Experts anticipate that the digital environment in 2022 will be even more dangerous. The American Dental Association was hit by a cyberattack that stole personal information and disrupted services.

The Department of Health and Human Services has established a program known as 405(d). This program is intended to enhance cybersecurity and align industry approaches by developing a common set of voluntary, consensus-based, and industry-led cybersecurity guidelines, practices, methodologies, procedures, and processes that healthcare organizations can use.

Patients have filed a lawsuit against SuperCare over a HIPAA Breach. SuperCare failed to maintain adequate security to protect patient records.

The US Government has issued warnings regarding Russian hackers. Internationally the government has been working to stop these attacks including a major hub that sold stolen medical information. Understand how these risks affect your office and what we can do to prevent future attacks.

Understand what a Business Associate is, how to determine if an entity is a Business Associate or Covered Entity and the Business Associate Agreement.

The most recent breach was reported by QRS Healthcare Solutions who has the EHR product Paradigm. What does this mean and what can you learn to protect your practice?

There are allegations that a ransomware attack at a medical center contributed to the death of an infant. An article in the Wall Street Journal discusses a lawsuit that has been filed against Springhill Medical Center in Alabama, for the death of an infant. This is the first know lawsuit against a medical provider for an injury or death related to the EHR being unavailable due to ransomware.

Summary of lessons healthcare can learn from the Facebook outage including Break Glass Policy, Backup Systems, Human error and Risk Mitigation

The Department of Health and Human Services today announced workplace guidance on the Health Insurance Portability and Accountability Act’s applicability to disclosures and requests for information about whether a person has received a COVID-19 vaccine.

in order to be HIPAA Compliant, you must maintain a "Culture of Compliance" at your office. This can include keeping your software up-to-date, regular required training and addressing risks that pose to your office. This month we address Credit Card security, Web Browser security and Cell Phone Security