HIPAA Articles

The National Institute of Standards and Technology (NIST) has released the second revision of its HIPAA [...]

It may surprise some people to learn that, in the entire text of HIPAA pictures and videos are only mentioned [...]

The terms “violation” and “breach” are sometimes conflated in HIPAA-related discussions, and it is [...]

Many sources of HIPAA business associate examples tend to repeat the examples of HIPAA business associates [...]

The HIPAA Security Rule requires HIPAA-regulated entities to conduct a security risk assessment to identify [...]

The penalties for non-compliance with HIPAA vary considerably according to the nature of the non-compliant [...]

To fully answer the question why is the HITECH Act important, you have to assess the Act from different [...]

The requirement for HIPAA training in a dental office is the same as the requirement for any other Covered [...]

The Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act) called for the [...]

The answer to the question who does HIPAA apply to is not always as straightforward as it is presented to be. [...]

HIPAA compliance software is a SaaS compliance framework that assists Covered Entities and Business [...]

In the Code of Federal Regulations, 45 CFR § 164.530 relates to the administrative requirements of the HIPAA [...]

45 CFR § 164.308 is the section of the Code of Federal Regulations that contains the Administrative [...]

A lawsuit has been filed on behalf of a mother of a baby who is alleged to have died as a consequence of a [...]

The HHS’ Office for Civil Rights has recently reminded HIPAA-covered entities and their business associates [...]

The Italian Data Protection Authority Garante has announced the food delivery company Foodinho has been fined [...]

In the United States, mask mandates are starting to be lifted and people who have been fully vaccinated [...]

In 2011, House Bill 300 (HB 300) introduced significant changes to the Texas Health and Safety Code including [...]

Every HIPAA-covered entity is required to implement policies and procedures to ensure compliance with the [...]

The HIPAA Enforcement Rule gave the HHS’ Office for Civil Rights the authority to penalize healthcare [...]

How Often Do You Need HIPAA Training? Considering the importance of HIPAA compliance and the potential [...]

The Health Insurance Portability and Accountability Act of 1996 or HIPAA was signed into law by Pres. Bill [...]

This month, a U.S District Court judge for the Southern District of Georgia has sentenced a man for making [...]

Although it is illegal for a Covered Entity to intimidate, threaten, coerce, discriminate, or retaliate [...]

The Federal Trade Commission (FTC) has announced the settlement with SkyMed International has been finalized [...]

The HIPAA “Minimum Necessary” standard is an important provision of HIPAA and one that all employees of [...]

In the healthcare industry, health information is often spoken of as protected health information or PHI, but [...]

The Health Insurance Portability and Accountability Act of 1996 – or HIPAA for short – is a vital [...]

The HHS’ Office for Civil Rights has issued new guidance to help HIPAA covered entities and their business [...]

The HHS’ Office for Civil Rights has made good on its promise to step up enforcement of compliance with the [...]

The City of New Haven in Connecticut has settled a HIPAA violation case with the U.S. Department of Health [...]

The health plan Aetna, part of the Aetna Life Insurance Company, has agreed to pay a $1 million penalty to [...]

In 2019, the U.S. Department of Health and Human Services’ Office for Civil Rights launched its HIPAA Right [...]

The Department of Health and Human Services’ Office for Civil Rights has imposed its 8th HIPAA penalty on a [...]

A multi-state investigation by attorneys general in 42 states and Washington D.C. over the 78.8 million [...]

The HHS’ Office for Civil Rights (OCR) has imposed its second largest ever HIPAA violation penalty – [...]

The Community Health Systems business associate, CHSPSC LLC, has settled its HIPAA violation case with the [...]

The Department of Health and Human Services’ Office for Civil Rights (OCR) has settled another HIPAA [...]

A recent MITRE-Harris poll has revealed most Americans are unaware of the extent to which health insurers are [...]

In certain circumstances, the developers of mobile health apps are classed as business associates and are [...]

HIPAA-covered entities and their business associates are required to implement safeguards to ensure the [...]

In June 2020, the U.S Department of Health and Human Services (HHS) issued guidance explaining how HIPAA [...]

The Department of Health and Human Services’ Office for Civil Rights has issued an alert about a potential [...]

For the second time in a week, the HHS’ Office for Civil Rights (OCR) has announced a fine has been imposed [...]

On January 31, 2020, the Secretary of the Department of Health and Human Services declared the outbreaks of [...]

The Department of Health and Human Services’ Office for Civil Rights (OCR) has agreed to settle a HIPAA [...]

Can healthcare providers and their employees utilize Google Voice? Is this telephony service HIPAA compliant? [...]

If there is one good thing to come out of the COVID-19 pandemic it is the changes that have been made to [...]

When famous people are diagnosed with an illness or suffer an accident, that can be headline news. The Health [...]

The Department of Health and Human Services’ Office for Civil Rights has issued new HIPAA guidance to clear [...]

Hospitals have been warned that they must not allow film crews into parts of hospitals where there is [...]

The HHS’ Office for Civil Rights has issued guidance on COVID-19 and HIPAA about the permitted disclosures [...]

Last week, the Trump Administration extended Medicare telehealth services as the COVID-19 crisis deepened. [...]

A recent audit of a mail-order pharmacy and 29 other healthcare provides by the Department of Health and [...]

While email retention is not specifically mentioned in the HIPAA text, certain provisions cover data [...]

A HIPAA subpoena for medical records is an area where there is considerable potential for a HIPAA violation. [...]

What are the requirements for a HIPAA compliant website? Here we list the important elements when setting up [...]

Google Forms is a survey administration tool that allows forms to be created for data collection purposes, [...]

In this post we cover some of the many HIPAA myths that have been circulating on the internet and often get [...]

The HHS’ Office for Civil Rights (OCR) has announced its sixth HIPAA penalty of 2019. The University of [...]

Jackson Health System (JHS) has paid a $2.15 million civil monetary penalty to the HHS’ Office for Civil [...]

A dental practice has been fined $10,000 by the HHS’ Office for Civil Rights for violating Health Insurance [...]

The Health Insurance Portability and Accountability Act of 1996 called for the Department of Health and Human [...]

The Department of Health and Human Services’ Office for Civil Rights has issued guidance for HIPAA-covered [...]

Healthcare providers are providing patients with copies of their medical records, but a majority have been [...]

A consolidated class action lawsuit against Premera Blue Cross over its 2014 data breach of 10.6 million [...]

Allscripts Healthcare Solutions has proposed a settlement of $145 million to resolve alleged violations of [...]

The penalties for HIPAA violations are usually restricted to fines for the covered entity or business [...]

It has been 14 years since the HIPAA Security Rule requirements have been mandatory, but many healthcare [...]

The first dentist that was issued a fine for a HIPAA violation was Dr. Joseph Beck in 2015. His case served [...]

When did compliance with the Health Insurance Portability and Accountability Act (HIPAA) become mandatory and [...]

Can medical practitioners use Google Home and Google Assistant? Is Google Assistant HIPAA compliant or would [...]

Can healthcare organizations use DocuSign in association with electronic protected health information (ePHI) [...]

Microsoft Teams is popular among businesses who use it to improve communication and collaboration, but can it [...]

Calendly is a well-known tool that many businesses use for scheduling meetings and appointments. Is it all [...]

Evernote is a useful cloud-based tool for taking notes, making to do lists, planning projects, and [...]

Google Keep is a cloud-based note taking application that allows notes to be created and shared across [...]

Both the Department of Health and Human Service’ Office for Civil Rights (OCR) and state attorneys general [...]

Return Path is an email marketing and optimization program that helps companies to put their email marketing [...]

Though there were HIPAA updates being considered by OCR in 2018, the pace of change is slow and it could well [...]

Does Mandrill support HIPAA compliance? Can healthcare organizations use MailChimp’s transactional email [...]

Marketo is an email marketing and lead management platform that has now been acquired by Adobe. Can [...]

SparkPost is a well-known email delivery and analytics program used by a lot of businesses for communicating [...]

JotForm is a software solution that can be used for making online forms. Can healthcare organizations use [...]

Constant Contact offers an online and email marketing solution which allow businesses to easily keep in touch [...]

If healthcare providers, health plans, healthcare clearinghouses and business associates of HIPAA-covered [...]

MailChimp is an automated email marketing program used for sending marketing newsletters and emails to [...]

The term “HIPAA covered entity” wasn’t included in the Healthcare Insurance Portability and [...]

Zendesk is a provider of a customer service software program and support ticketing system. More than 200,000 [...]

To whom should HIPAA violation complaints be directed to inside a covered entity? If a healthcare employee [...]

California governor Jerry Brown has signed AB 375 – the California Consumer Privacy Act of 2018 – [...]

Is It Necessary to Archive Emails to Comply with HIPAA? Email archiving is not required by the Security [...]

The issue of HIPAA compliance for home health care workers can be complicated because of specific challenges [...]

One of the principal purposes of HIPAA is to ensure the privacy of patients is protected by making sure that [...]

Achieving Workflow Optimization in Hospitals The matter of improving hospital workflows is a senior [...]

The U.S. Food and Drug Administration (FDA) has released guidelines for medical device manufacturers who [...]

HIPAA compliance for HR departments is necessary for healthcare and health insurance companies, but even [...]

SharePoint is a web-based document management and storage system. It is one of the top collaborative [...]

WordPress is a well-known content management system used for creating websites. A lot of businesses use [...]

HIPAA Compliant Texting in Call Centers HIPAA compliance for call centers is an important concern for all [...]

There is a worrisome practice happening in healthcare centers throughout the country: The utilization of [...]

Stage 2 Meaningful Use, HIPAA Compliance and EHRs Stage 2 Meaningful Use elevates the standard on the [...]

Healthcare institutions and their business associates must be in compliance with the HIPAA Privacy, Security, [...]

The Administrative Safeguards of the HIPAA Security Rule (45 CFR 164.308) require all Covered Entities to [...]

This article answers one of the most commonly asked questions related to HIPAA – What is considered [...]

Should healthcare providers encrypt data in the smartphones they use? There is some misunderstanding [...]

“Does HIPAA Apply to Employers” is a question that has triggered varied responses because of the complex [...]

The Health Insurance Portability and Accountability Act (HIPAA) is applicable to healthcare organizations and [...]

Objectives of HIPAA Privacy Laws HIPAA privacy laws were introduced in 2002 with the goal of ensuring the [...]

The Centers for Medicare and Medicaid Services (CMS) has confirmed to healthcare providers that using text [...]

The majority of Americans know that HIPAA relates to healthcare providers, but many people do not realize how [...]

A Colorado hospital is to pay OCR $111,400 for failing to terminate the access of a former employee to its [...]

Prairie Fields Family Medicine, based in Fremont, NE, is notifying 6,450 patients about the potential [...]

Why Modern Technology May Not be HIPAA Compliant A lot of healthcare professionals today use their mobile [...]

The HIPAA Rules place restrictions on the disclosure of protected health information (PHI) and healthcare [...]

Would you report a HIPAA violation if you suspect that one occurred in your workplace? If so, how would you [...]

A lot of healthcare organizations would like to use email for transmitting the protected health information [...]

The U.S. Department of Health and Human Services (HHS) has formally launched its Health Sector Cybersecurity [...]

A limited data set, as defined in the HIPAA Privacy Rule, is a set of identifiable healthcare data that [...]

Is Google Docs HIPAA compliant? Are HIPAA-covered entities allowed to upload files containing protected [...]

There is some confusion about HIPAA and the HITECH Act. HIPAA predates the HITECH Act by 13 years and is [...]

Is it acceptable for HIPAA-covered entities to use G Suite and can the suite of cloud services be used [...]

The HIPAA risk analysis is a fundamental component of HIPAA compliance, but a lot of healthcare agencies and [...]

Under the Healthcare Insurance Portability and Accountability Act, a covered entity or business associate [...]

Office 365 is a collection of subscription products from Microsoft that include Word, Excel, PowerPoint, [...]

The Health Insurance Portability and Accountability Act (HIPAA) is an essential set of regulations that were [...]

The acronym PHI is generally used in association with health information, but what does PHI stand for? What [...]

Is it possible for a patient to file a lawsuit for a HIPAA violation? There is no private cause of action in [...]

Everyday, there seems to be a new report about a healthcare provider or health plan that has been discovered [...]

Vendors offering their services to healthcare providers that would require access to protected health [...]

Some patients, and even some healthcare employees, may not be 100% sure exactly what is regarded as protected [...]

HIPAA-covered entities need to make certain that protected health information (PHI) sent by email is secure [...]

Are Emails HIPAA Compliant? The use of email by HIPAA-covered entities to send sensitive patient health [...]

The Department of Health and Human Services’ Office for Civil Rights has reminded HIPAA-covered entities of [...]

A HIPAA release form signed by the patient ought to be acquired prior to sharing that individual’s [...]

The U.S. Food and Drug Administration (FDA) has introduced new guidance about the usage of EHR data in [...]

Patients who think that there has been a violation of HIPAA Rules can send a complaint to the Department of [...]

Rackspace is a cloud computing company based in Windcrest, Texas that provides public cloud and email hosting [...]

Two HIPAA-covered organizations have recently announced they have been victims of phishing attacks that [...]

To help HIPAA-covered entities to streamline HIPAA authorizations for the use of protected health information [...]

SendGrid is a platform that companies use for email marketing. It makes communicating marketing messages to [...]

Black Book Research has published the results of a survey on the use of mobile technology by hospitals and [...]

Apple has launched an application programming interface (API) that developers can use to create health apps [...]

Geofencing is a technology that creates a digital fence around a particular location or space online allowing [...]

The Department of Health and Human Services’ Office for Civil Rights (OCR) is reminding HIPAA covered [...]

Is it the End of Paging? Since changes have been made to the HIPAA Privacy and Security Rules, there has been [...]

Email is a valuable and convenient means of communication. Can healthcare companies employ email to deliver [...]

Who should be informed within the covered entity when you want to make a HIPAA complaint? Any healthcare [...]

Amazon Web Services possesses all the security requirements to meet the HIPAA Security Rule and Amazon is [...]

A lot of HIPAA covered entities are not aware of the HIPAA Conduit Exception Rule. Consequently, there are [...]

Healthcare providers often question whether Google services are HIPAA compliant, including whether Google [...]

Healthcare companies are not forbidden by HIPAA to utilize cloud services. With cloud services, organizations [...]

Can healthcare organizations use HelloFax to send documents containing protected health information (PHI)? [...]

Healthcare companies and their business associates need to adhere to the HIPAA Privacy, Security, and Breach [...]

WebEx is a platform for online video conferencing and collaboration helping organizations interact with [...]

Can HIPAA covered entities use FaceTime for communicating protected health information (PHI) without breaking [...]

Is Facebook Messenger HIPAA compliant? Could it be used by healthcare organizations as the messaging service [...]

Software programs or email services cannot be completely HIPAA compliant, because technology is not just the [...]

The use of Amazon Alexa is limited in healthcare because it is not HIPAA compliant. But that may change [...]

Almost all SMS messaging platforms aren’t HIPAA Compliant. There is no HIPAA rule that particularly [...]

Healthcare companies and business associates that would like to access or share protected health information [...]

The Health Insurance Portability and Accountability Act of 1996 is an important legislation to the healthcare [...]

When WhatsApp declared it was launching end-to-end encryption,  healthcare organizations became interested [...]

Slack is an effective tool for communication and collaboration, however, there is a question on using Slack [...]

It is the duty of HIPAA covered entities to make sure that their personnel know the right steps for reporting [...]

A patient is unable to sue a healthcare organization for a HIPAA violation and demand damages even though the [...]

The Health Insurance Portability and Accountability Act (HIPAA) is a legislation introduced in 1996, mainly [...]

The Healthcare Insurance Portability and Accountability Act (HIPAA) requires covered entities and business [...]

Because of the recent data breaches, the U.S Senate Committee on Finance, the House Committee on Energy and [...]

The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) protect [...]

Whether you have a large or small business, if you’re engaged in the healthcare industry, HIPAA compliance [...]

Pharmacies are HIPAA-covered entities that must comply with the acceptable uses and disclosures of protected [...]

Healthcare workers such as nurses have direct involvement in the care of patients and often get access to [...]

Verizon’s annual Protected Health Information Breach Report is out. The report revealed the result of [...]

OCR explained in its March 2018 cybersecurity newsletter the importance of contingency planning. The HIPAA [...]

Google Forms is an online tool that anyone can use to create surveys and get feedback from people. Can [...]

Google Sheets is a web-based Google program that allows the creation, viewing and sharing of spreadsheets. [...]

ProPublica released a study in 2015 that showed the reality of HIPAA social media violations involving [...]

Using social media such as Facebook and Twitter can help healthcare organizations in several ways. It helps [...]

Yammer is another platform that healthcare organizations can potentially use for sharing ePHI. Does it [...]

HIPAA compliant file sharing requires maintaining the security, integrity and confidentiality of PHI both at [...]

Google Sheets is a service provided by Google to create, view and share spreadsheets. Can HIPAA-covered [...]

IBM Cloud is a service offered by IBM allowing organizations to do certain functions such as building native [...]

Cloud service providers are classified as business associates based on the HIPAA Omnibus Rule, which states [...]

Cloud storage services make it very convenient for people to share and store data. People using different [...]

The HIPAA Security Rule calls for the efficient management of information access. Personnel who are given [...]

When HIPAA-covered entities and their business associates cease operations, the obligation to follow HIPAA [...]

MediaPro published a recent report indicating the lack of preparedness of the healthcare industry to deal [...]

The Health Insurance Portability and Accountability Act (HIPAA) Rules aim to keep protected health [...]

According to the HIPAA password requirements, there must be procedures in place for creating, changing and [...]

What are considered individually identifiable health information?  What are the permitted uses and [...]

Healthcare organizations often ask if they can use a Hotmail account to send protected health information. [...]

Congresswoman Cathy McMorris Rodgers (R-Washington) introduced a new bill (H.R 4613) to the U.S. House of [...]

OCR is doing its part to deal with the opioid crisis in the United States and fulfill its responsibilities [...]

Most healthcare organizations today use mobile devices including laptop computers, tablets, mobile phones and [...]

The HIPAA Breach Notification requirements must be followed by all covered entities and business associates [...]

When a reportable HIPAA breach occurs, the covered entity and its business associates need to comply with the [...]

Following the HIPAA breach notification requirements is a must for all HIPAA covered entities. This entails [...]

A Norton Audubon Hospital patient alleged that a nurse, Dianna Hereford, committed a HIPAA violation and the [...]

ShopRite Supermarkets, Inc announced to its pharmacy customers about a security breach as a result of the [...]

One of the most confusing aspects of HIPAA legislation is HIPAA compliance for self-insured group health [...]

HIPAA violation penalties for nurses who breach HIPAA Rules can range from disciplinary action, to [...]

Many covered entities want to take advantage of cloud storage services, but it is important to determine [...]

Messaging platforms such as Skype are an efficient way of communicating between individuals and groups, but [...]

Stolen mobile devices and hacking incidents may result in the biggest exposures of protected health [...]

Trying to decipher the HIPAA Compliance of Google Drive can be confusing. HIPAA compliance relates less about [...]

Despite the fact that many dental clinics are self-contained centers, the HIPAA rules for dentists apply to [...]