The U.S. Department of Justice (DOJ) has announced its largest-ever coordinated healthcare fraud takedown, charging 324 individuals, including 96 doctors, nurses, and other licensed medical professionals, across the country. The alleged schemes involved nearly $14.6 billion in fraudulent claims to...

A leading national consumer watchdog group has sounded the alarm on a massive data breach, warning that as many as 184 million passwords may have been compromised. If confirmed, this breach would be one of the largest in recent history,...

A Resolution Agreement is a formal settlement between the U.S. Department of Health and Human Services (HHS) and a HIPAA-covered entity or business associate. Under the agreement, the organization agrees to take specific corrective actions and submit regular compliance reports...

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has reached a settlement with Comprehensive Neurology, a small neurology practice based in New York, following a potential violation of the HIPAA Security Rule. The investigation stemmed...

PIH Health, Inc. (PIH), a California health care network, has agreed to pay the OCR $600,000. The violations stem from an email phishing attack that exposed unsecured electronic protected health information (ePHI). The settlement resolves an investigation that OCR conducted...

What you need to know In 2025 and beyond there are many HIPAA updates that are occurring in the healthcare arena. Staff education and patient privacy are front and center of the OCR. You can be fined for HIPAA violations...

In today's digital age, scams and hackers have become increasingly sophisticated, targeting individuals and businesses alike with tactics that are harder to detect and easier to fall for. From phishing emails and fake websites to ransomware attacks and identity theft,...

The Health Insurance Portability and Accountability Act (HIPAA) has long served as a cornerstone in protecting the privacy and security of individuals' health information. As digital technology continues to evolve, so do the ways in which health data can be...

Most people in healthcare have been affected by the Change healthcare cyberattack. Scams have hit a new level, and you must be more diligent than ever before. Scams can be spotted, but you must look closely. A scam can quickly...

Intrusion prevention - preventing a data breach

Common online tracking technology that could lead to a HIPAA violation

2024 HIPAA and other Compliance Updates

The difference between HIPAA documentation and medical records retention requirements.

Nefarious characters see healthcare organizations as high value yet relatively easy targets. These are referred to as target rich, cyber poor.  Given that healthcare organizations have a combination of personally identifiable information, financial information, health records, and countless medical devices,...

Most practices cannot afford to hire a HIPAA Compliance Officer. So, practice owners often assign their Office Manager or their Practice Administrator for the HIPAA Compliance Officer Responsibilities. Since they are not trained as a Compliance Officer, many times, HIPAA...

Patients’ right of access has extreme consequences if they are not handled properly. It starts the moment a patient makes this request. HIPAA prohibits unreasonable measures when patients request access to their medical records. Most practices think this request MUST...

We wrote about this back in December 2022, but the Office for Civil Rights (OCR) and the Federal Trade Commission (FTC) has added an additional warning. The OCR has confirmed its active investigations nationwide to ensure compliance with HIPAA. The...

Most of us are familiar with fines for data breaches of over 500 patient records. This time a business associate was fined $75K for 267 records. Covered entities are responsibility to vet their business associates. This includes making sure they...

When it is time to terminate an employee, it is never easy. Whether they are a short- or long-term employee, it can be difficult. Sadly, if you make a mistake you can end up with a complaint filed against you....

The U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced the formation of a new Enforcement Division, Policy Division, and Strategic Planning Division. Is more HIPAA Enforcement on the way? The newly established...