$4.3 Million HIPAA Penalty for MD Anderson Cancer Center Vacated by Court of Appeals
The 5th Circuit U.S. Court of Appeals in Louisiana has vacated the civil monetary penalties imposed on the [...]
HIPAA Articles
Excellus Health Plan Hit with $5.1 Million Penalty for 10 Million-Record Data Breach
Excellus Health Plan has settled a HIPAA violation case with the HHS’ Office for Civil Rights and has [...]
OCR Announces 13th HIPAA Right of Access Settlement
In 2019, the Department of Health and Human Services’ Office for Civil Rights announced a new HIPAA [...]
OCR Confirms Allowable Disclosures of ePHI to Health Information Exchanges for Public Health Purposes
The HHS’ Office for Civil Rights has issued new guidance to help HIPAA covered entities and their business [...]
OCR Fines University of Cincinnati Medical Center $65,000 for Failure to Provide Patient’s Medical Records
The University of Cincinnati Medical Center (UCMC) has been fined $65,000 by the HHS’ Office for Civil [...]
OCR Announces 11th Financial Penalty under HIPAA Right of Access Enforcement Initiative
A Regal Park, NY-based private otolaryngology practitioner has been issued with a $15,000 financial penalty [...]
10th Financial Penalty Announced Under OCR’s HIPAA Right of Access Enforcement Initiative
The HHS’ Office for Civil Rights has made good on its promise to step up enforcement of compliance with the [...]
ShopRite Data Breach Results in $235,000 HIPAA Penalty for Wakefern Food Corporation
New Jersey Attorney General General Gurbir S. Grewal and the New Jersey Division of Consumer Affairs have [...]
City of New Haven Settles HIPAA Violation Case with OCR for $202K
The City of New Haven in Connecticut has settled a HIPAA violation case with the U.S. Department of Health [...]
Aetna Pays $1,000,000 Penalty to Resolve Multiple Violations of the HIPAA Rules
The health plan Aetna, part of the Aetna Life Insurance Company, has agreed to pay a $1 million penalty to [...]
$100,000 Financial Penalty Imposed on NY Spine for HIPAA Right of Access Failure
In 2019, the U.S. Department of Health and Human Services’ Office for Civil Rights launched its HIPAA Right [...]
Community Health Systems Settles Data Breach Case with 28 State Attorneys General for $5 Million
Tennessee Attorney General Herbert H. Slatery III has announced a $5 million settlement has been reached with [...]
OCR Issues 8th HIPAA Penalty Under HIPAA Right of Access Enforcement Initiative
The Department of Health and Human Services’ Office for Civil Rights has imposed its 8th HIPAA penalty on a [...]
Anthem Settles Multi-State Action with State Attorneys General Over 2014 Data Breach
A multi-state investigation by attorneys general in 42 states and Washington D.C. over the 78.8 million [...]
Premera Blue Cross to Pay $6.8 Million OCR HIPAA Fine for 2014 Data Breach
The HHS’ Office for Civil Rights (OCR) has imposed its second largest ever HIPAA violation penalty – [...]
$2.3 Million HIPAA Penalty for Business Associate for 6 Million-Record Data Breach
The Community Health Systems business associate, CHSPSC LLC, has settled its HIPAA violation case with the [...]
Athens Orthopedic Clinic Agrees to Pay $1.5 Million to Settle OCR HIPAA Violation Case
The Department of Health and Human Services’ Office for Civil Rights (OCR) has settled another HIPAA [...]
Americans Largely Unaware of Extent that Health Insurers Access their Online Data
A recent MITRE-Harris poll has revealed most Americans are unaware of the extent to which health insurers are [...]
OCR Updates mHealth Portal Adding New Resources for HIPAA Health App Developers
In certain circumstances, the developers of mobile health apps are classed as business associates and are [...]
Before You Can Safeguard PHI, You Must Know Where it is Located
HIPAA-covered entities and their business associates are required to implement safeguards to ensure the [...]
Health Plans Added to June 2020 OCR Plasma Donation Guidance
In June 2020, the U.S Department of Health and Human Services (HHS) issued guidance explaining how HIPAA [...]
OCR Issues Warning About Misleading Postcards Sent to Compliance Officers About HIPAA Security Risk Assessments
The Department of Health and Human Services’ Office for Civil Rights has issued an alert about a potential [...]
Lifespan Health System Slapped with $1 Million Fine for Noncompliance with the HIPAA Rules
For the second time in a week, the HHS’ Office for Civil Rights (OCR) has announced a fine has been imposed [...]
HHS Reviews COVID-19 Situation and Extends Public Health Emergency for Further 90 Days
On January 31, 2020, the Secretary of the Department of Health and Human Services declared the outbreaks of [...]
$25,000 Penalty for Small Healthcare Provider for HIPAA Security Rule Failures
The Department of Health and Human Services’ Office for Civil Rights (OCR) has agreed to settle a HIPAA [...]
Is Google Voice HIPAA Compliant?
Can healthcare providers and their employees utilize Google Voice? Is this telephony service HIPAA compliant? [...]
Telehealth Policy Changes Could Become Permanent When COVID-19 Public Health Emergency Ends
If there is one good thing to come out of the COVID-19 pandemic it is the changes that have been made to [...]
Reports of COVID-19 Diagnoses by Media Suggest Violations of HIPAA
When famous people are diagnosed with an illness or suffer an accident, that can be headline news. The Health [...]
Episcopal Health Services Data Breach Lawsuit Sent Back to State Court for Further Proceedings
A lawsuit filed against Episcopal Health Services following a phishing attack that exposed the protected [...]
OCR Issues Guidance on Contacting Former COVID-19 Patients About Blood and Plasma Donations
The Department of Health and Human Services’ Office for Civil Rights has issued new HIPAA guidance to clear [...]
Film Crews Not Permitted in Hospitals Unless HIPAA Authorizations are Obtained from Patients, Warns OCR
Hospitals have been warned that they must not allow film crews into parts of hospitals where there is [...]
COVID-19 and HIPAA Guidance on Disclosures of PHI to First Responders
The HHS’ Office for Civil Rights has issued guidance on COVID-19 and HIPAA about the permitted disclosures [...]
OCR Issues Guidance on Telehealth Services During COVID-19 Public Health Emergency
Last week, the Trump Administration extended Medicare telehealth services as the COVID-19 crisis deepened. [...]
2019 Novel Coronavirus and HIPAA Compliance
Important information on the 2019 Novel Coronavirus and HIPAA compliance, the limited HIPAA waiver announced [...]
Widespread E1 Transactions Violations Discovered by HHS’ Office of Inspector General
A recent audit of a mail-order pharmacy and 29 other healthcare provides by the Department of Health and [...]
HIPAA Email Retention Policy
While email retention is not specifically mentioned in the HIPAA text, certain provisions cover data [...]
HIPAA Subpoena for Medical Records: What You Need to Know
A HIPAA subpoena for medical records is an area where there is considerable potential for a HIPAA violation. [...]
HIPAA Compliant Website Requirements
What are the requirements for a HIPAA compliant website? Here we list the important elements when setting up [...]
What is the HIPAA “Minimum Necessary” Standard?
The HIPAA “Minimum Necessary” standard is an important provision of HIPAA and one that all healthcare [...]
HIPAA Compliance Failures Result in $65,000 Fine for Georgia Ambulance Company
West Georgia Ambulance, Inc., an ambulance company serving Carroll County in Georgia, has agreed to settle a [...]
Is Office 365 HIPAA Compliant?
Is Office 365 HIPAA compliant? Can healthcare organizations use Office 365 in connection with protected [...]
Is Google Forms HIPAA Compliant?
Google Forms is a survey administration tool that allows forms to be created for data collection purposes, [...]
Breach Notification Rule Failure Leads to $2.175 Million HIPAA Settlement
A breach notification failure and the lack of a business associate agreement has led to a $2.175 million [...]
20 Common HIPAA Myths Debunked
In this post we cover some of the many HIPAA myths that have been circulating on the internet and often get [...]
OCR Imposes $1.6 Million Civil Monetary Penalty on Texas Health and Human Services Commission for HIPAA Violations
The Department of Health and Human Services’ Office for Civil Rights (OCR) has fined another HIPAA-covered [...]
Failure to Encrypt ePHI on Portable Devices Results in $3 Million Financial Penalty
The HHS’ Office for Civil Rights (OCR) has announced its sixth HIPAA penalty of 2019. The University of [...]
Jackson Health System Pays $2.15 Million Penalty for Widespread Noncompliance with HIPAA Rules
Jackson Health System (JHS) has paid a $2.15 million civil monetary penalty to the HHS’ Office for Civil [...]
Dental Practice Gets $10,000 HIPAA Penalty for PHI Disclosures on Social Media
A dental practice has been fined $10,000 by the HHS’ Office for Civil Rights for violating Health Insurance [...]
Senate Stalls on Lifting of Ban on Funding National Patient Identifier System
The Health Insurance Portability and Accountability Act of 1996 called for the Department of Health and Human [...]
HHS Issues Guidance on Managing Malicious Insider Threats
The Department of Health and Human Services’ Office for Civil Rights has issued guidance for HIPAA-covered [...]
51% of Healthcare Providers Are Not Fully Compliant with HIPAA Right of Access
Healthcare providers are providing patients with copies of their medical records, but a majority have been [...]
$74 Million Premera Blue Cross Settlement Gets Preliminary Approval
A consolidated class action lawsuit against Premera Blue Cross over its 2014 data breach of 10.6 million [...]
$145 Settlement Proposed by Allscripts to Resolve HIPAA and Anti-Kickback Case
Allscripts Healthcare Solutions has proposed a settlement of $145 million to resolve alleged violations of [...]
Premera Blue Cross Settles HIPAA Case for $10 Million
Premera Blue Cross has agreed to settle its HIPAA violation lawsuit and pay a $10 million penalty to resolve [...]
Unauthorized Medical Record Access and Disclosure Results in 1 Year Jail Term
The penalties for HIPAA violations are usually restricted to fines for the covered entity or business [...]
AMCA Files for Bankruptcy Following Massive Data Breach
After 42 years in business, the parent company of American Medical Collections Agency (AMCA) has sought [...]
EHR Provider to Pay $900,000 to Resolve Multi-State HIPAA Case
Just a few days after the HHS’ Office for Civil Rights announced a settlement had been reached with Medical [...]
HHS Confirms When Business Associates Can be Held Directly Liable for HIPAA Violations
The Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009, and the subsequent [...]
Multiple HIPAA Violations at Medical Imaging Services Company Result in $3 Million Penalty
Touchstone Medical Imaging, a Franklin, Tennessee-based provider of medical imaging services, has agreed to [...]
Study Reveals Widespread Nonconformance with HIPAA Rules and NIST CSF Controls
It has been 14 years since the HIPAA Security Rule requirements have been mandatory, but many healthcare [...]
Should Dental Offices Worry About HIPAA Compliance?
The first dentist that was issued a fine for a HIPAA violation was Dr. Joseph Beck in 2015. His case served [...]
When Was HIPAA Enacted?
When did compliance with the Health Insurance Portability and Accountability Act (HIPAA) become mandatory and [...]
Are Google Home and Google Assistant Compliant With HIPAA?
Can medical practitioners use Google Home and Google Assistant? Is Google Assistant HIPAA compliant or would [...]
Is DocuSign HIPAA Compliant?
Can healthcare organizations use DocuSign in association with electronic protected health information (ePHI) [...]
Is Microsoft Teams HIPAA Compliant?
Microsoft Teams is popular among businesses who use it to improve communication and collaboration, but can it [...]
Is Calendly HIPAA Compliant?
Calendly is a well-known tool that many businesses use for scheduling meetings and appointments. Is it all [...]
Is Evernote HIPAA Compliant?
Evernote is a useful cloud-based tool for taking notes, making to do lists, planning projects, and [...]
Is Google Keep HIPAA Compliant?
Google Keep is a cloud-based note taking application that allows notes to be created and shared across [...]
HIPAA Violation Fines
Both the Department of Health and Human Service’ Office for Civil Rights (OCR) and state attorneys general [...]
Is Return Path HIPAA Compliant?
Return Path is an email marketing and optimization program that helps companies to put their email marketing [...]
New HIPAA Regulations in 2019
Though there were HIPAA updates being considered by OCR in 2018, the pace of change is slow and it could well [...]
Is Mandrill HIPAA Compliant?
Does Mandrill support HIPAA compliance? Can healthcare organizations use MailChimp’s transactional email [...]
Is Marketo HIPAA Compliant?
Marketo is an email marketing and lead management platform that has now been acquired by Adobe. Can [...]
Is SparkPost HIPAA Compliant?
SparkPost is a well-known email delivery and analytics program used by a lot of businesses for communicating [...]
Is JotForm HIPAA Compliant?
JotForm is a software solution that can be used for making online forms. Can healthcare organizations use [...]
Is Constant Contact HIPAA Compliant?
Constant Contact offers an online and email marketing solution which allow businesses to easily keep in touch [...]
HIPAA-Compliant SFTP Server Requirements
If healthcare providers, health plans, healthcare clearinghouses and business associates of HIPAA-covered [...]
Is MailChimp HIPAA Compliant?
MailChimp is an automated email marketing program used for sending marketing newsletters and emails to [...]
What is a HIPAA-Covered Entity?
The term “HIPAA covered entity” wasn’t included in the Healthcare Insurance Portability and [...]
Is Zendesk HIPAA Compliant?
Zendesk is a provider of a customer service software program and support ticketing system. More than 200,000 [...]
To Whom Should HIPAA Complaints be Reported to Within a Covered Entity?
To whom should HIPAA violation complaints be directed to inside a covered entity? If a healthcare employee [...]
GDPR-Style Data Privacy Law Signed into California Legislature
California governor Jerry Brown has signed AB 375 – the California Consumer Privacy Act of 2018 – [...]
Is HIPAA Compliant Email Archiving a Requirement?
Is It Necessary to Archive Emails to Comply with HIPAA? Email archiving is not required by the Security [...]
HIPAA Compliance for Home Health Care Workers
The issue of HIPAA compliance for home health care workers can be complicated because of specific challenges [...]
What Information Does HIPAA Law Protect?
One of the principal purposes of HIPAA is to ensure the privacy of patients is protected by making sure that [...]
How to Improve Hospital Workflows
Achieving Workflow Optimization in Hospitals The matter of improving hospital workflows is a senior [...]
Guidance for Medical Device Manufacturers Sharing Data with Patients Issued by FDA
The U.S. Food and Drug Administration (FDA) has released guidelines for medical device manufacturers who [...]
HIPAA Compliance for HR Departments
HIPAA compliance for HR departments is necessary for healthcare and health insurance companies, but even [...]
Is SharePoint HIPAA Compliant?
SharePoint is a web-based document management and storage system. It is one of the top collaborative [...]
Is WordPress HIPAA Compliant?
WordPress is a well-known content management system used for creating websites. A lot of businesses use [...]
HIPAA Compliance for Call Centers
HIPAA Compliant Texting in Call Centers HIPAA compliance for call centers is an important concern for all [...]
Can Healthcare Professionals Use Personal Phones at Work Without Violating HIPAA?
There is a worrisome practice happening in healthcare centers throughout the country: The utilization of [...]
HIPAA Compliance and Medical Records
Stage 2 Meaningful Use, HIPAA Compliance and EHRs Stage 2 Meaningful Use elevates the standard on the [...]
How Employees Can Help Prevent HIPAA Violations
Healthcare institutions and their business associates must be in compliance with the HIPAA Privacy, Security, [...]
HIPAA Security Officer
The Administrative Safeguards of the HIPAA Security Rule (45 CFR 164.308) require all Covered Entities to [...]
What is Considered PHI?
This article answers one of the most commonly asked questions related to HIPAA – What is considered [...]
HIPAA Encryption for iPhones and Android Phones
Should healthcare providers encrypt data in the smartphones they use? There is some misunderstanding [...]
Does HIPAA Apply to Employers?
“Does HIPAA Apply to Employers” is a question that has triggered varied responses because of the complex [...]
What Are Covered Entities Under HIPAA?
The Health Insurance Portability and Accountability Act (HIPAA) is applicable to healthcare organizations and [...]
HIPAA Privacy Laws
Objectives of HIPAA Privacy Laws HIPAA privacy laws were introduced in 2002 with the goal of ensuring the [...]
CMS Explains the Use of Text Messages in Healthcare
The Centers for Medicare and Medicaid Services (CMS) has confirmed to healthcare providers that using text [...]
What is the Importance of HIPAA to Patients?
The majority of Americans know that HIPAA relates to healthcare providers, but many people do not realize how [...]
Colorado Hospital to Pay $111,400 for Failure to Deactivate PHI Access of Former Employee
A Colorado hospital is to pay OCR $111,400 for failing to terminate the access of a former employee to its [...]
Prairie Fields Family Medicine’s Email-Related Privacy Breach Impacts 6,450 Patients
Prairie Fields Family Medicine, based in Fremont, NE, is notifying 6,450 patients about the potential [...]
Advanced Care Hospitalists Pays $500,000 to Settle Multiple HIPAA Violations
The HHS’ Office for Civil Rights (OCR) has investigated a case of impermissible disclosure of PHI by a [...]
Technology Use in Healthcare Versus HIPAA Compliance
Why Modern Technology May Not be HIPAA Compliant A lot of healthcare professionals today use their mobile [...]
Reporting a HIPAA Violation Complaint Anonymously
If you discover that your organization’s management or a co-employee has committed a HIPAA violation, [...]
What is HIPAA Authorization?
The HIPAA Rules place restrictions on the disclosure of protected health information (PHI) and healthcare [...]
Reporting a HIPAA Violation at Work
Would you report a HIPAA violation if you suspect that one occurred in your workplace? If so, how would you [...]
What is Considered as PHI Under HIPAA?
In the healthcare industry, health information is often spoken of as protected health information or PHI, but [...]
The Most Common HIPAA Violations Healthcare Organizations Should be Aware Of
The most common HIPAA violations committed by healthcare organizations that have resulted in financial [...]
What to Do to Make Your Email HIPAA Compliant
A lot of healthcare organizations would like to use email for transmitting the protected health information [...]
New Health Sector Cybersecurity Coordination Center Opened by HHS
The U.S. Department of Health and Human Services (HHS) has formally launched its Health Sector Cybersecurity [...]
What Does a Limited Data Set Mean Under HIPAA?
A limited data set, as defined in the HIPAA Privacy Rule, is a set of identifiable healthcare data that [...]
Is Google Docs HIPAA Compliant?
Is Google Docs HIPAA compliant? Are HIPAA-covered entities allowed to upload files containing protected [...]
Understanding HIPAA and the HITECH Act
There is some confusion about HIPAA and the HITECH Act. HIPAA predates the HITECH Act by 13 years and is [...]
Is Zoom HIPAA Compliant?
Zoom is a well-known video and web conferencing platform that 750,000 businesses now use, but can healthcare [...]
Is G Suite HIPAA Compliant?
Is it acceptable for HIPAA-covered entities to use G Suite and can the suite of cloud services be used [...]
HIPAA Training Requirements
What are the HIPAA Training Requirements? HIPAA applies to all types of Covered Entities (CEs) – [...]
HIPAA Risk Analysis Guidance and Tools
The HIPAA risk analysis is a fundamental component of HIPAA compliance, but a lot of healthcare agencies and [...]
The Duties of a HIPAA Compliance Officer
Under the Healthcare Insurance Portability and Accountability Act, a covered entity or business associate [...]
Is Microsoft Office 365 HIPAA Compliant?
Office 365 is a collection of subscription products from Microsoft that include Word, Excel, PowerPoint, [...]
Why is HIPAA Important?
The Health Insurance Portability and Accountability Act (HIPAA) is an essential set of regulations that were [...]
What Does PHI Stand For?
The acronym PHI is generally used in association with health information, but what does PHI stand for? What [...]
Can A Patient File A Lawsuit for A HIPAA Violation?
Is it possible for a patient to file a lawsuit for a HIPAA violation? There is no private cause of action in [...]
What is a HIPAA Violation?
Everyday, there seems to be a new report about a healthcare provider or health plan that has been discovered [...]
How is the HITECH Act Related to HIPAA and Electronic Health and Medical Records?
The Health Insurance Portability and Accountability Act (HIPAA) was enacted in August 1996. It was updated in [...]
California Legislature Approves California Consumer Privacy Act Changes
In June 2018, the California Consumer Privacy Act (CCPA) was approved by the California legislature. The Act [...]
Can Healthcare Vendors Get HIPAA Certification?
Vendors offering their services to healthcare providers that would require access to protected health [...]
CMS Investigates Fairview Southdale Hospital Patient Privacy Violation
The HHS’ Centers for Medicare and Medicaid Services (CMS) has investigated Fairview Southdale Hospital in [...]
What is Regarded as Protected Health Information According to HIPAA?
Some patients, and even some healthcare employees, may not be 100% sure exactly what is regarded as protected [...]
Which Email Providers are HIPAA Compliant?
HIPAA-covered entities need to make certain that protected health information (PHI) sent by email is secure [...]
Requirements of HIPAA Compliant Email
Are Emails HIPAA Compliant? The use of email by HIPAA-covered entities to send sensitive patient health [...]
OCR Reminds Healthcare Organizations to Secure Electronic Media and Devices With ePHI
The Department of Health and Human Services’ Office for Civil Rights has reminded HIPAA-covered entities of [...]
When is a HIPAA Release Form Necessary?
A HIPAA release form signed by the patient ought to be acquired prior to sharing that individual’s [...]
New Guidance on Using EHR Data in Clinical Research Issued By the U.S. FDA
The U.S. Food and Drug Administration (FDA) has introduced new guidance about the usage of EHR data in [...]
New Data Privacy Law Signed by California Governor Offering GDPR-Style Protections
The California Consumer Privacy Act of 2018, AB 375, has been signed into law. California governor Jerry [...]
There’s No Private Cause of Action in HIPAA According to District Court Ruling
Patients who think that there has been a violation of HIPAA Rules can send a complaint to the Department of [...]
Is Rackspace HIPAA Compliant?
Rackspace is a cloud computing company based in Windcrest, Texas that provides public cloud and email hosting [...]
Phishing Attack on FAPD and Black River Medical Center
Two HIPAA-covered organizations have recently announced they have been victims of phishing attacks that [...]
Understanding the Requirements on Issuing Individual Authorization for Uses and Disclosures of PHI for Research
To help HIPAA-covered entities to streamline HIPAA authorizations for the use of protected health information [...]
Is SendGrid HIPAA Compliant?
SendGrid is a platform that companies use for email marketing. It makes communicating marketing messages to [...]
Hospitals and Physicians Confirm Mobile Technology Helps Improve Patient Outcomes
Black Book Research has published the results of a survey on the use of mobile technology by hospitals and [...]
New Apple Health Records API Allows Developers to Create Apps for Patients and Access EHR Data
Apple has launched an application programming interface (API) that developers can use to create health apps [...]
Are Law Firms Violating HIPAA When Using Geofencing Technology to Target Patients in ER Rooms?
Geofencing is a technology that creates a digital fence around a particular location or space online allowing [...]
Covered Entities Are Reminded Not to Neglect Physical Security Controls
The Department of Health and Human Services’ Office for Civil Rights (OCR) is reminding HIPAA covered [...]
Why Choosing Secure Messaging Platforms Over Pagers is Important for HIPAA Compliance
Is it the End of Paging? Since changes have been made to the HIPAA Privacy and Security Rules, there has been [...]
Is Emailing Patient Names Considered as a HIPAA Violation?
Email is a valuable and convenient means of communication. Can healthcare companies employ email to deliver [...]
How to make HIPAA Complaints within a Covered Entity
Who should be informed within the covered entity when you want to make a HIPAA complaint? Any healthcare [...]
Is Amazon Web Services HIPAA Compliant?
Amazon Web Services possesses all the security requirements to meet the HIPAA Security Rule and Amazon is [...]
What is the HIPAA Conduit Exception Rule?
A lot of HIPAA covered entities are not aware of the HIPAA Conduit Exception Rule. Consequently, there are [...]
Is Google Hangouts HIPAA Compliant?
Healthcare providers often question whether Google services are HIPAA compliant, including whether Google [...]
Is Azure HIPAA Compliant?
Healthcare companies are not forbidden by HIPAA to utilize cloud services. With cloud services, organizations [...]
Is HelloFax HIPAA Compliant?
Can healthcare organizations use HelloFax to send documents containing protected health information (PHI)? [...]
Nine Security No-Nos for Healthcare Employees
Healthcare companies and their business associates need to adhere to the HIPAA Privacy, Security, and Breach [...]
Is WebEx HIPAA Compliant?
WebEx is a platform for online video conferencing and collaboration helping organizations interact with [...]
Is FaceTime HIPAA Compliant?
Can HIPAA covered entities use FaceTime for communicating protected health information (PHI) without breaking [...]
Is Facebook Messenger HIPAA Compliant?
Is Facebook Messenger HIPAA compliant? Could it be used by healthcare organizations as the messaging service [...]
Is Microsoft Outlook HIPAA Compliant?
Software programs or email services cannot be completely HIPAA compliant, because technology is not just the [...]
Can Amazon Alexa Be Used in Healthcare?
The use of Amazon Alexa is limited in healthcare because it is not HIPAA compliant. But that may change [...]
HIPAA Regulations for SMS
Almost all SMS messaging platforms aren’t HIPAA Compliant. There is no HIPAA rule that particularly [...]
De-identification of Protected Health Information
Healthcare companies and business associates that would like to access or share protected health information [...]
Summary of the HIPAA Breach Notification Rule
The Health Insurance Portability and Accountability Act of 1996 is an important legislation to the healthcare [...]
Is WhatsApp HIPAA Compliant?
When WhatsApp declared it was launching end-to-end encryption, healthcare organizations became interested [...]
Is Slack HIPAA Compliant?
Slack is an effective tool for communication and collaboration, however, there is a question on using Slack [...]
What is the Purpose of HIPAA?
The Health Insurance Portability and Accountability Act – or HIPAA is a vital legislation which affects [...]
How to Report a HIPAA violation
It is the duty of HIPAA covered entities to make sure that their personnel know the right steps for reporting [...]
What Should A Patient Do If There is an Obvious HIPAA Violation?
A patient is unable to sue a healthcare organization for a HIPAA violation and demand damages even though the [...]
Importance of the HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) is a legislation introduced in 1996, mainly [...]
HIPAA’s Records Retention Requirements
A lot of covered entities do not fully understand the requirements of HIPAA medical records retention and [...]
What are the Responsibilities of a HIPAA Compliance Officer?
The Healthcare Insurance Portability and Accountability Act (HIPAA) requires covered entities and business [...]
Problems in the Oversight of Medicare Beneficiary Data Security
Because of the recent data breaches, the U.S Senate Committee on Finance, the House Committee on Energy and [...]
What Entities Can Get Access to Medicare Beneficiary Data?
The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) protect [...]
What are the Penalties When Pharmacies Violate HIPAA Rules?
Whether you have a large or small business, if you’re engaged in the healthcare industry, HIPAA compliance [...]
Key Points of HIPAA Compliance for Pharmacies
Pharmacies are HIPAA-covered entities that must comply with the acceptable uses and disclosures of protected [...]
Common Acts of HIPAA Violation Committed by Nurses and Penalties
Healthcare workers such as nurses have direct involvement in the care of patients and often get access to [...]
Verizon Released Annual Protected Health Information Breach Report
Verizon’s annual Protected Health Information Breach Report is out. The report revealed the result of [...]
What Does Contingency Planning Mean As Per HIPAA Rules?
OCR explained in its March 2018 cybersecurity newsletter the importance of contingency planning. The HIPAA [...]
Four Areas of HIPAA That Are Important to Patients
The Health Insurance Portability and Accountability Act of 1996 or HIPAA was signed into law by Pres. Bill [...]
Is the Use of Google Forms Compliant With HIPAA Rules?
Google Forms is an online tool that anyone can use to create surveys and get feedback from people. Can [...]
Can Google Sheets Be Used with PHI by Healthcare Organizations?
Google Sheets is a web-based Google program that allows the creation, viewing and sharing of spreadsheets. [...]
Guidelines on Using Social Media to Avoid HIPAA Violations
ProPublica released a study in 2015 that showed the reality of HIPAA social media violations involving [...]
Warning Against PHI Disclosure on Social Media
Using social media such as Facebook and Twitter can help healthcare organizations in several ways. It helps [...]
Can Employees Who Violate HIPAA Rules Be Terminated?
The HIPAA Enforcement Rule gave the HHS’ Office for Civil Rights the authority to penalize healthcare [...]
Is Yammer HIPAA Compliant?
Yammer is another platform that healthcare organizations can potentially use for sharing ePHI. Does it [...]
How to Ensure HIPAA Compliant File Sharing
HIPAA compliant file sharing requires maintaining the security, integrity and confidentiality of PHI both at [...]
Is Google Sheets HIPAA Compliant?
Google Sheets is a service provided by Google to create, view and share spreadsheets. Can HIPAA-covered [...]
Is IBM Cloud HIPAA Compliant?
IBM Cloud is a service offered by IBM allowing organizations to do certain functions such as building native [...]
What Must Be Done Before Using Cloud Service Providers to Ensure HIPAA Compliance?
Cloud service providers are classified as business associates based on the HIPAA Omnibus Rule, which states [...]
Can iCloud Be Considered HIPAA-Compliant?
Cloud storage services make it very convenient for people to share and store data. People using different [...]
Identity and Access Management Policies That Govern Terminated Employees
The HIPAA Security Rule calls for the efficient management of information access. Personnel who are given [...]
What Happens to PHI After a Healthcare Business Closes?
When HIPAA-covered entities and their business associates cease operations, the obligation to follow HIPAA [...]
MediaPro Report Reveals Poor Security Awareness of Healthcare Employees
MediaPro published a recent report indicating the lack of preparedness of the healthcare industry to deal [...]
Which Entities Should Comply with the HIPAA Rule?
The Health Insurance Portability and Accountability Act (HIPAA) Rules aim to keep protected health [...]
How To Comply With the HIPAA Password Requirements
According to the HIPAA password requirements, there must be procedures in place for creating, changing and [...]
Must Know Facts About Individually Identifiable Health Information
What are considered individually identifiable health information? What are the permitted uses and [...]
Can Hotmail Be Considered as HIPAA Compliant?
Healthcare organizations often ask if they can use a Hotmail account to send protected health information. [...]
New Bill Propose Changes to HIPAA Rules for Healthcare Clearinghouses
Congresswoman Cathy McMorris Rodgers (R-Washington) introduced a new bill (H.R 4613) to the U.S. House of [...]
Launch of OCR ‘s New WebPages Required by the 21st Century Cures Act
OCR is doing its part to deal with the opioid crisis in the United States and fulfill its responsibilities [...]
The Security Risks of Using Mobile Devices to Manage ePHI
Most healthcare organizations today use mobile devices including laptop computers, tablets, mobile phones and [...]
What are the Penalties for Violating HIPAA Breach Notification Requirements?
The HIPAA Breach Notification requirements must be followed by all covered entities and business associates [...]
What are the HIPAA Breach Notification Requirements?
When a reportable HIPAA breach occurs, the covered entity and its business associates need to comply with the [...]
What Are Reportable HIPAA Breaches? What Are the Exemptions?
Following the HIPAA breach notification requirements is a must for all HIPAA covered entities. This entails [...]
Termination of Nurse for HIPAA Violation Upheld by the Court
A Norton Audubon Hospital patient alleged that a nurse, Dianna Hereford, committed a HIPAA violation and the [...]
Security Breach at a New York Pharmacy Exposed 12,172 Customers’ PHI
ShopRite Supermarkets, Inc announced to its pharmacy customers about a security breach as a result of the [...]
HIPAA Compliance for Self-Administered Group Health Plans
One of the most confusing aspects of HIPAA legislation is HIPAA compliance for self-insured group health [...]
What are the HIPAA Violation Penalties for Nurses?
HIPAA violation penalties for nurses who breach HIPAA Rules can range from disciplinary action, to [...]
Is OneDrive HIPAA Compliant?
Many covered entities want to take advantage of cloud storage services, but it is important to determine [...]
Is Skype HIPAA Compliant?
Messaging platforms such as Skype are an efficient way of communicating between individuals and groups, but [...]
Limiting the Potential for the Unauthorized Accessing of Patient Medical Records
Stolen mobile devices and hacking incidents may result in the biggest exposures of protected health [...]
Is Google Drive HIPAA Compliant?
Trying to decipher the HIPAA Compliance of Google Drive can be confusing. HIPAA compliance relates less about [...]
What is the HIPAA breach notification rule?
Despite the Health Insurance Portability and Accountability Act of 1996 being one of the most vital pieces of [...]
Is Dropbox HIPAA compliant?
Dropbox is a widely-used file hosting service used by many groups to share files, but is Dropbox HIPAA [...]
What are the HIPAA rules for dentists?
Despite the fact that many dental clinics are self-contained centers, the HIPAA rules for dentists apply to [...]
How many HIPAA Violations in 2016?
The Department of Health and Human Services’ Office for Civil Rights (OCR) has increased its enforcement [...]
Telemedicine HIPAA requirements
The Telemedicene HIPAA requirements affect any medical sector employee or healthcare organization that [...]
What are the HIPAA e-Signature Requirements?
Digital signatures have been show to increase the efficiency of many administrative processes in the [...]
What is HIPAA compliant texting?
The answer to the question “What is HIPAA compliant texting” is generally unclear. Although HIPAA does [...]
What are the HIPAA email compliance requirements?
There has been much debate about HIPAA email compliance requirements since amendments were made to the Health [...]
HIPAA Encryption Requirements
HIPAA encryption requirements have proved a source of much confusion. This is due to the technical safeguards [...]
What are the HIPAA Requirements for Mobile Devices?
Healthcare organizations and other HIPAA-covered entities have embraced mobile technology and are permitting [...]
Why was HIPAA Created?
The Healthcare Insurance Portability and Accountability Act (HIPAA) was signed into law on August 21, 1996 [...]
What are the HIPAA Telephone Rules?
The Federal Communication Commission has issued a Declaratory Ruling and Order to clarify the HIPAA telephone [...]
What are the rules for HIPAA Compliant Telemedicine?
The rule for HIPAA Compliant Telemedicine in call centers is something every company, providing an answering [...]
What are the HIPAA Rules Regarding Text Messaging?
Labeling text messaging as a HIPAA violation is not strictly correct. Whether text messages are a violation [...]
What are the Penalties for HIPAA Violations?
The Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general can [...]
HHS’ Final Rule on Confidentiality of Alcohol and Drug Abuse Patient Records Regulations
In February 2016, the Department of Health and Human Services proposed changes to the Confidentiality of [...]
Recent HIPAA Changes
The recent changes in HIPAA expand the scope of the Health Insurance Portability and Accountability Act as [...]
Certificates of Creditable Coverage Not Needed Any More Under HIPAA
Health plan providers and insurers have required Certificates of Creditable Coverage under the Health [...]
Employee Snooping the Most Common Cause of HIPAA Breaches
The theft of mobile devices could result in a major exposure of Protected Health Information (PHI); but, [...]
Copyright © 2007-2021 The HIPAA Guide Site Map Privacy Policy About The HIPAA Guide