Skip to content Skip to navigation


Survey: Healthcare Orgs Not Taking Mobile Security Seriously Enough

October 25, 2016  |  Rajiv Leventhal
More than half (56 percent) of healthcare professionals believe their organization could be doing more to educate employees on HIPAA compliance and the rules around sharing protected health information.

Washington Debrief: OCR Offers Details about Audits; More MACRA Considerations

October 24, 2016  |  Leslie Kriegstein, Vice President of Congressional Affairs, CHIME
As more folks sink their teeth into the 2,300 page regulations, more details emerge on the Quality Payment Program (QPP).

St. Joseph Health to Pay $2.14M in HIPAA Settlement

October 19, 2016  |  Rajiv Leventhal
St. Joseph Health (SJH) has agreed to settle potential violations of the HIPAA privacy and security rules following reports that files containing sensitive health data were publicly accessible through Internet search engines from 2011 to 2012.

Report: Healthcare Data Breaches Continue at Alarming Pace in Second Half of 2016

October 17, 2016  |  Heather Landi
Healthcare data breaches are continuing at an alarming pace, with the second half of 2016 shaping up to have more breach incidents per month, so far, than in the first half of the year.

Survey: Most Vendors Not Prepared to Comply with Data Protection Standards

October 10, 2016  |  Heather Landi
Two thirds of healthcare industry vendors report they are not prepared to comply with HITRUST healthcare data protection standards, according to a survey by New York City-based advisory firm KPMG.

OCR Offers Guidance on HIPAA and Cloud Computing

October 7, 2016  |  David Raths
The Health & Human Services Office of Civil Rights has provided guidance around several questions regarding cloud service providers and HIPAA.

OCR: Business Associates Blocking Access to Data are in Violation of HIPAA

October 4, 2016  |  Heather Landi
It is an impermissible use of protected health information (PHI) for a business associate to block a healthcare provider’s access to data in order to resolve a payment dispute, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) stated...

HHS Funds “Cooperative Agreements” for Cybersecurity Support

October 4, 2016  |  Rajiv Leventhal
The U.S. Department of Health and Human Services (HHS) has awarded “cooperative agreements” totaling $350,000 with the aim to strengthen the ability of healthcare and public health sector partners to respond to cybersecurity threats.

GAO Report Looks at HHS’ Capability to Protect Health Data

October 3, 2016  |  Rajiv Leventhal
The Government Accountability Office (GAO) has issued a report that calls into question the Department of Health and Human Services’ (HHS) guidance for protecting electronic health information.

Uber, Circulation Collaborate on Hospital Pilot Program for Patient Transportation

September 28, 2016  |  Heather Landi
Boston-based startup Circulation, as Uber’s preferred healthcare platform partner, is launching a digital healthcare transportation platform as a pilot program at several East Coast acute care and children’s hospitals.

Are Fitness Apps Fit for Privacy Protection?

September 28, 2016  |  William A. Tanenbaum and Lourdes M. Turrecha, Arent Fox LLP
Healthcare professionals who are in a position to recommend the use of fitness apps need to be aware that patients’ personal data can be used in ways that HIPAA would prohibit and that will surprise patients who are trying to be smart about fitness in a...

Care New England Health System Will Pay $400,000 Settlement for Potential HIPAA Violations

September 26, 2016  |  Heather Landi
Providence, R.I.-based Care New England Health System has agreed to pay $400,000 to settle potential HIPAA Privacy and Security Rules violations, stemming from a 2012 data breach at Woman and Infants Hospital of Rhode Island.


Subscribe to HIPAA