Many HIPAA covered entities and business associates struggle with developing and implementing a sanctions policy. What should it say, is zero-tolerance required, do we have to impose discipline in every case, etc. These are...more
Users of Universal Health Services (UHS), one of the largest healthcare systems in the country, recently lost access to electronic medical records when UHS suffered a ransomware attack and took its systems offline to...more
Medical Informatics Engineering, Inc. and its wholly-owned subsidiaries (MIE) and the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS-OCR) entered into a $100,000 settlement and two-year...more
Proposed Modifications to HIPAA Regulations under Consideration - On December 14, 2018, HHS issued its Request for Information on Modifying HIPAA Rules to Improve Coordinated Care as part of its Regulatory Sprint to...more
"Open the pod door, HAL" • Commercial voice-activated intelligent personal assistants from Amazon, Apple, Google, and Microsoft, among others, are growing in popularity. • A report from NPR and Edison Research states...more
The virtual world offers opportunities and obligations not found in nature. For a couple of years, my wife has followed the adventures of a bonded eagle couple, Liberty and Freedom, residing in the hills near Hanover,...more
According to a recent U.S. Government Interagency report, ransomware is the fastest growing malware threat, targeting users of all types. An incredible 51 percent of respondents in a January 2017 study by the Ponemon...more
The National Institute of Standards and Technology has announced that due to stakeholder feed-back, the period to submit comments for the draft guide, “Securing Electronic Health Records on Mobile Devices” has been extended...more
Earlier this month, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced that it had entered into a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton,...more
On December 5, 2013, the Office of Inspector General (OIG) reported on the Office for Civil Rights’ (OCR) compliance as of May 2011 with oversight and enforcement of the Security Rule and compliance with federal cybersecurity...more