New Ransomware Policy Posted for Premium Members: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Ransomware continues to be one of the most serious threats to health information and may be the most serious threat, so you may need a .. read more
Building Security—More Than Just Locks on the Doors: HIPAA & HITECH Act Blog by Jonathan P. Tomes
In this digital world, forgetting about something as low-tech as physical security of the building in which a covered entity or a business associate is .. read more
Changed HIPAA and HITECH Penalties—a Boon or a Trap for the Unwary: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Department of Health and Human Services (“HHS”) has announced a new penalty structure for the civil money penalties (“CMPs”) for HIPAA violations that apparently .. read more
Lack of Business Associate Agreement Costs $500,000! HIPAA & HITECH Act Blog by Jonathan P. Tomes
Advanced Care Hospitalists PL (“ACH”) recently settled a Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) enforcement action for $500,000 for .. read more
DHHS Issues New Cybersecurity Best Practices: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The U.S. Department of Health and Human Services (“DHHS”) recently issued voluntary cybersecurity best practices for health care organizations and guidelines for managing cyber threats .. read more
DHHS OIG Finds Deficiencies in FDA Policies and Procedures to Address Cybersecurity Risk in Postmarket Medical Devices: HIPAA & HITECH Act Blog by Jonathan P. Tomes
As a follow-on to the previous three blog posts addressing the mIoT—that is, the medical Internet of Things―an Office of the Inspector General (“OIG”) audit .. read more
Reducing mIoT Risks: HIPAA & HITECH Act Blog by Jonathan P. Tomes
In two recent blogs, we have discussed how the Internet of Things (“IoT”) has become the mIoT—that is, the medical Internet of Things―and what this .. read more
Risk and the Internet of Things (“IoT”): HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Internet of Things (“IoT”) is a concept that is becoming more and more important in HIPAA compliance. The Internet of Things generally is the .. read more
How Does a $16 Million HIPAA Violation Settlement Grab You? HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) has announced the biggest HIPAA violation settlement yet—that is, $16 million, smashing .. read more
HIPAA and NIST: What’s the Connection? HIPAA & HITECH Act Blog by Jonathan P. Tomes
The National Institute for Standards and Technology [“NIST”] first became involved with HIPAA when it published “An Introductory Resource Guide for Implementing the Health Insurance .. read more