What Do You Do If the HIPAA S**t Hits Your Fan and the Feds Come after You?: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Many of you will (hopefully) never need the guidance in this blog post. And I have never read a HIPAA blog post or article talking .. read more
Changed HIPAA and HITECH Penalties—a Boon or a Trap for the Unwary: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Department of Health and Human Services (“HHS”) has announced a new penalty structure for the civil money penalties (“CMPs”) for HIPAA violations that apparently .. read more
Security Breaches Aren’t the Only Compliance Risks! So Are Privacy Rights Violations: HIPAA & HITECH Act Blog by Jonathan P. Tomes
A recent announcement by the Dental Board of California has reinforced the notion that having a breach of security, such as a hacker’s gaining access .. read more
HHS Civil Money Penalties (“CMPs”) Aren’t the Only Ones! And Do You Need Insurance? HIPAA & HITECH Act Blog by Jonathan P. Tomes
UCLA Health recently settled a class action lawsuit against it for $7.5 million. The plaintiffs were victims of a hack attack on UCLA’s network that .. read more
Lack of Business Associate Agreement Costs $500,000! HIPAA & HITECH Act Blog by Jonathan P. Tomes
Advanced Care Hospitalists PL (“ACH”) recently settled a Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) enforcement action for $500,000 for .. read more
Who Knew HIPAA Could Harm Data Security? HIPAA & HITECH Act Blog by Jonathan P. Tomes
Earlier this month, in response to a request by Congress, the College of Healthcare Information Management Executives (“CHIME”) reported that complying with HIPAA is not .. read more
DHHS Issues New Cybersecurity Best Practices: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The U.S. Department of Health and Human Services (“DHHS”) recently issued voluntary cybersecurity best practices for health care organizations and guidelines for managing cyber threats .. read more
Risk and the Internet of Things (“IoT”): HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Internet of Things (“IoT”) is a concept that is becoming more and more important in HIPAA compliance. The Internet of Things generally is the .. read more
How Does a $16 Million HIPAA Violation Settlement Grab You? HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) has announced the biggest HIPAA violation settlement yet—that is, $16 million, smashing .. read more
Securing EHRs on Mobile Devices—New NIST Guidance: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The single biggest category of DHHS civil money penalties involves loss or theft of EHRs on mobile devices. The only guidance in the Security Rule .. read more