The Rise of Ransomware in Healthcare (Part 2 of 3)

In this second installment of the series, we discuss the impact of ransomware specifically on the healthcare industry. In the 15th annual Ponemon Institute “Cost of a Data Breach Report” published by IBM Security earlier this year, hundreds of breached companies and thousands of individuals were interviewed across 17 different industries and 17 countries/regions. For

The Rise of Ransomware in Healthcare (Part 2 of 3) Read More »

Annual Security/Risk Assessments Critical to HIPAA Compliance

Whether you are audited randomly or as a result of a breach or a complaint, you will be asked to provide evidence of past security/risk assessments and plans/actions for remediating any deficiencies identified in these assessments.  This company’s failure to conduct risk assessments was a key factor in the settlement agreement reached with the Office

Annual Security/Risk Assessments Critical to HIPAA Compliance Read More »

Healthcare Data Breach Costs Remain Highest Among Industries

The 13th annual Cost of a Data Breach study from IBM and the Ponemon Institute showed that healthcare breaches cost an average of $408 per record, nearly triple the overall average across all industries and nearly double the second most costly industry (financial) to remain the highest of all industries for the 8th consecutive year.

Healthcare Data Breach Costs Remain Highest Among Industries Read More »

Florida contractor physicians’ group shares protected health info

Another example of the consequences of neglecting to conduct annual security risk assessments and having the required Business Associate Agreements in place with your business associate vendors.  This case resulted in a $500,000 monetary settlement as well as a 2-year corrective action plan (CAP) for potential violations of the HIPAA Security Rule.  The link below

Florida contractor physicians’ group shares protected health info Read More »

HIPAA Breaches

Think that breaches are rare or are private? Think again. Section 13402(e)(4) of the HITECH Act requires the Secretary of the Department of Health and Human Services (DHHS) Office for Civil Rights (OCR) to post a list of breaches of unsecured protected health information (PHI) affecting 500 individuals or more. There are currently over 400

HIPAA Breaches Read More »

Dallas Dental Practice Settles Social Media Disclosure Case

Elite Dental Associates of Dallas has agreed to pay $10,000 to the Office for Civil Rights (OCR) and adopt a two-year Corrective Action Plan (CAP) to settle potential violations of the HIPAA Privacy Rule.  The HHS press release can be found here and includes a copy of the resolution agreement: https://www.hhs.gov/about/news/2019/10/02/dental-practice-pays-10000-settle-social-media-disclosures-of-patients-phi.html

Dallas Dental Practice Settles Social Media Disclosure Case Read More »