Electronic Medical Records Data Breach

News & Analysis as of

Think You Know Your HIPAA-Related Obligations? Read the ONC’s New Privacy and Security Guide to Find Out

In 2013, we alerted you to the expansion of the definition of the term “business associate” under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Now, the Office of the National Coordinator for Health...more

Issues Concerning Medical Identity Theft

Whenever a large data breach occurs in the healthcare industry, such as the Anthem Blue Cross Blue Shield breach this past winter, some news stories always seem to focus on the strange medical catastrophes that could...more

New Study Finds That Criminal Attacks Are The Number One Cause Of Health Sector Data Breaches

On May 7, 2015, the Ponemon Institute released its Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data (the “Study”), which surveyed 90 HIPAA covered entities and 88 business associates regarding their...more

HIPAA Rules and Procedures in the Event of a Data Breach, Part One

As discussed in my prior post, recent massive data breaches at major retailers and health insurance providers paint a bleak picture of modern data and emphasize the importance of strong security safeguards and plans for...more

“Bring Your Own Device” To Work Programs: Regulatory and Legal Risks and How To Minimize Them

If you’ve ever left your mobile phone on an airplane, in a restaurant, or somewhere other than in your possession, you know it’s frightening enough to think of losing the device itself, which costs a premium, as well as your...more

Health Update - February 2015

Cyber Risk Insurance Policies: What You Need to Know - Editor’s Note: As data breach incidents and related cyber risks continue to increase and gain publicity—and government agencies become more actively involved in...more

Also In the News - Data, Privacy, & Security Practice Report - February 2015 #3

White House Holds Summit On Cybersecurity And Consumer Protection — On February 13, 2015, leaders from throughout the country representing sectors with a stake in cybersecurity and consumer protection issues convened at...more

HIPAA Compliant Technology and the Importance of Encryption

We welcome this guest blog by Gene Fry, Compliance Officer, Scrypt, Inc. The Health Insurance Portability and Accountability Act (HIPAA) sets the standard for protecting sensitive patient data. This means that any...more

What the Anthem Cyberattack Means for the Health Care Industry

Unfortunately, account hacks and data breaches are nothing new. Every day, we hear reports of hackers compromising networks and their protected data. When it happens on a massive scale to a powerful player in the health...more

California Health Care Providers Successfully Ward Off Data Breach Lawsuits

In a pair of recent cases, two California health care providers successfully warded off lawsuits arising from unauthorized data breaches of patient files. These cases illustrate that improper disclosure of electronically...more

HIPAA Violation Results in $4.8 Million Settlement: An IT Perspective

In today’s healthcare industry, information technology (“IT”) systems play an ever-expanding role in the success of a medical practice. Medical practitioners consistently juggle e-billing and electronic medical records...more

California Court Dismisses CMIA Claim Based on Possession of Stolen Medical Data

A health organization narrowly averted paying a potential $4 billion in damages under the California Confidentiality of Medical Information Act (CMIA) for losing the medical records of more than 4 million patients. Plaintiffs...more

It’s No Surprise: Health Care Data Breaches Are on the Rise and So Is Government Enforcement

In This Issue: - The Take-Aways for Covered Entities and Business Associates - For More Information - Excerpt from The Take-Aways for Covered Entities and Business Associates: As a majority of the...more

New York Hospitals to Pay Record $4.8 Million for HIPAA Data Breach

In the largest Health Insurance Portability and Accountability Act (HIPAA) settlement to date, two New York hospitals have agreed to pay $4.8 million to settle allegations that they failed to secure thousands of patients’...more

FTC Ordered to Testify Regarding Data Security Standards in LabMD Dispute

The Federal Trade Commission (FTC) has suffered a significant setback in its ongoing dispute with LabMD, a now-closed medical laboratory that the FTC charged with failing to adopt reasonable data security practices that...more

Two Health Care Organizations Pay Largest HIPAA Fine at $4.8 Million Resulting from Unsecured Shared Network

New York-Presbyterian Hospital and Columbia University entered into a settlement with the Department of Health and Human Services’ Office of Civil Rights (OCR) to resolve allegations that the organizations had violated the...more

$4.8 Million – Largest HIPAA Settlement to Date

On May 7, 2014, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) issued a press release announcing that two health care organizations—New York and Presbyterian Hospital (“NYP”) and Columbia...more

Paying the Price: Physician Group Faces Hefty Penalty and OCR Oversight After Failure to Conduct Security Risk Assessment and...

What you need to know: The Office for Civil Rights of the US Department of Health & Human Services is continuing its trend toward more aggressive enforcement of HIPAA violations. Small provider entities are not immune...more

A New Year’s Resolution (And Corrective Action Plan) From OCR: Physician Practice Cited For HIPAA Violations

The Office for Civil Rights (OCR) is closing out 2013 with a reminder of the importance of an effective HIPAA compliance program. On December 26, 2013, OCR announced a resolution agreement with a Massachusetts physician...more

Medical practice agrees to payment due to HIPAA data breach

One day after Christmas, the U.S. Department of Health and Human Services (HHS) Office of Civil Rights (OCR) announced that a Massachusetts-based dermatology practice (Practice) agreed to a $150,000 payment and entered into a...more

Health Plan Agrees To $1.2 Million Settlement For Photocopier HIPAA Security Breach

The Department of Health and Human Services (HHS) announced a settlement on August 14, 2013, with Affinity Health Plan (Affinity), a not-for-profit managed care plan, which included a payment of $1,215,780, for a HIPAA...more

Hiding in plain sight: Failure to scrub patient data from digital copiers returned to leasing company results in $1.2 million...

We’ve sounded warnings about the lowly copy machine before. The proliferation of digital devices in the workplace means that data security must extend beyond computer networks and laptops. Seemingly old fashioned equipment,...more

HITECH What You Need to Know About Electronic Protected Health Information

Recently enacted legislation has resulted in extensive expansions to the privacy, security, breach notification and enforcement rules of the Health Information Technology for Economic and Clinical Health (HITECH) Act under...more

HIPAA security violations result in $1.7 million settlement

On July 8, 2013, WellPoint, Inc., a managed care company (“WellPoint”), agreed to pay a $1.7 million fine to settle a self-reported breach of HIPAA, a key federal health privacy law, that led to the unauthorized disclosure of...more

Blood Bank Settles FTC Complaint About Customer Data Privacy

Any company that collects personal information about individuals, such as credit card numbers and social security numbers, must be very careful about the way in which it stores and secures that information. Even a blood bank...more

37 Results
|
View per page
Page: of 2

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×