Dedicated to providing the latest
HIPAA compliance news

SAFER Guides Updated by ONC: Ransomware Prevention and Mitigations Now Included
Mar28

SAFER Guides Updated by ONC: Ransomware Prevention and Mitigations Now Included

The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC) has updated its SAFER Guides to include information to help healthcare providers protect against ransomware attacks and mitigate attacks should they occur. The Safety Assurance Factors for Electronic Health Record Resilience (SAFER) Guides were first released in January 2014 to help healthcare providers improve the...

Read More
Former Employee Accused of Stealing PHI of up to 160,000 Med Center Health Patients
Mar28

Former Employee Accused of Stealing PHI of up to 160,000 Med Center Health Patients

The Kentucky-based 6-hospital health system Med Center Health has reported a data breach affecting approximately 160,000 patients. Med Center Health believes a former employee may have stolen patients’ protected health information (PHI) prior to leaving employment. The former employee has been accused of stealing PHI including names, addresses, health insurance information, Social Security numbers, procedure codes and billing...

Read More
Roger Severino Named New Director of HHS’ Office for Civil Rights
Mar27

Roger Severino Named New Director of HHS’ Office for Civil Rights

The Department of Health and Human Services’ Office for Civil Rights has a new leader. The Trump Administration has chosen former civil rights trial attorney Roger Severino to lead the HIPAA enforcement efforts of the Office for Civil Rights. Severino joins OCR from the Heritage Foundation’s DeVos Center for Religion and Civil Society, Institute for Family, Community, and Opportunity, where he served as Director since May 2015....

Read More
Flowers Hospital Data Breach Lawsuit Awarded Class-Action Status
Mar24

Flowers Hospital Data Breach Lawsuit Awarded Class-Action Status

A lawsuit filed by five plaintiffs following a breach of protected health information at Flowers Hospital in 2013 has finally been awarded class-action status. The lawsuit was filed against Triad of Alabama, the parent company of Flowers Hospital, in 2014. Triad of Alabama submitted motions to dismiss the lawsuit in 2014 and 2015, but the lawsuit survived. In contrast to many healthcare data breach lawsuits that are filed following...

Read More
What Can Small Healthcare Providers Do To Prevent Ransomware Attacks?
Mar23

What Can Small Healthcare Providers Do To Prevent Ransomware Attacks?

Ransomware attacks on healthcare providers are occurring with alarming frequency. Figures from the FBI suggest as many as 4,000 ransomware attacks are occurring every day. Healthcare organizations are targeted because they hold large volumes of data and access to those data is required to provide medical services to patients. Without access to patients’ health information, healthcare services can be severely disrupted. Such reliance...

Read More