Dedicated to providing the latest
HIPAA compliance news

Recent News

City of Portland Apologizes for Sharing PHI of HIV Positive Patients Without Prior Consent

information with third parties without first obtaining consent from patients. That has led some patients and healthcare officials to believe the City of Portland violated HIPAA by sharing information on HIV-positive patients with the University of Southern Maine without first obtaining...

Email Top Attack Vector in Healthcare Cyberattacks

A recent study conducted by HIMSS Analytics for email security firm Mimecast has revealed 78% of healthcare organizations have experienced a ransomware or malware attack in the past 12 months. Far from ransomware or malware attacks being occasional events, many of the healthcare organizations that...

Oklahoma Health Department Re-Notifies 47,000 of 2016 Data Breach

In April 2016, the Oklahoma Department of Human Services experienced a data breach, and while notifications were sent to affected individuals and the DHS’ Office of Inspector General shortly after the breach was detected, a breach notice was not submitted to the HHS’ Office for Civil Rights –...

2017 has seen a 62% Increase in Ransomware Attacks

Reported ransomware attacks in 2017 are already up 62% year on year, according to a new report from anti-malware firm Malwarebytes, with a month of 2017 still to go. Criminal gangs and opportunistic cybercriminals – termed the New Mafia by Malwarebytes – have embraced ransomware as a quick...

UNC Health Care Breach Potentially Impacts 24,000 Patients

A computer used by UNC Dermatology & Skin Cancer Center in Chapel Hill, NC, has been stolen, exposing the protected health information of approximately 24,000 patients. The computer was stolen by thieves during a burglary on October 8, 2017. UNC Health Care said a database on the stolen...

  • Healthcare Data Privacy
  • Healthcare Data Security
  • Healthcare Information Technology
  • HIPAA Breach News
  • HIPAA Compliance News
  • HIPAA News
  • HIPAA News for Small and Mid-Sized Practices
  • HIPAA Updates

City of Portland Apologizes for Sharing PHI of HIV Positive Patients Without Prior Consent

information with third parties without first obtaining consent from patients. That has led some patients and healthcare officials to believe the City of Portland violated HIPAA by sharing information on HIV-positive patients with the University of Southern Maine without first obtaining...

Is GoToMeeting HIPAA Compliant?

Is GoToMeeting HIPAA complaint? Can GoToMeeting be used by HIPAA-covered entities and their business associates for communicating protected health information without violating HIPAA Rules? GoToMeeting is an online meeting and video conferencing solution offered by LogMeIn. The service is one of...

How to Make Your Email HIPAA Compliant

Many healthcare organizations would like to be able to send protected health information via email, but how do you make your email HIPAA compliant? What must be done before electronic PHI (ePHI) can be sent via email to patients and other healthcare organizations? How to Make Your Email HIPAA...

Email Top Attack Vector in Healthcare Cyberattacks

A recent study conducted by HIMSS Analytics for email security firm Mimecast has revealed 78% of healthcare organizations have experienced a ransomware or malware attack in the past 12 months. Far from ransomware or malware attacks being occasional events, many of the healthcare organizations that...

2017 has seen a 62% Increase in Ransomware Attacks

Reported ransomware attacks in 2017 are already up 62% year on year, according to a new report from anti-malware firm Malwarebytes, with a month of 2017 still to go. Criminal gangs and opportunistic cybercriminals – termed the New Mafia by Malwarebytes – have embraced ransomware as a quick...

Is GoToMeeting HIPAA Compliant?

Is GoToMeeting HIPAA complaint? Can GoToMeeting be used by HIPAA-covered entities and their business associates for communicating protected health information without violating HIPAA Rules? GoToMeeting is an online meeting and video conferencing solution offered by LogMeIn. The service is one of...

Is GoToMeeting HIPAA Compliant?

Is GoToMeeting HIPAA complaint? Can GoToMeeting be used by HIPAA-covered entities and their business associates for communicating protected health information without violating HIPAA Rules? GoToMeeting is an online meeting and video conferencing solution offered by LogMeIn. The service is one of...

How to Make Your Email HIPAA Compliant

Many healthcare organizations would like to be able to send protected health information via email, but how do you make your email HIPAA compliant? What must be done before electronic PHI (ePHI) can be sent via email to patients and other healthcare organizations? How to Make Your Email HIPAA...

Survey Reveals Poor State of Email Security in Healthcare

A recent survey showed 98% of top healthcare providers have yet to implement the DMARC (Domain-based Message Authentication, Reporting & Conformance) email authentication standard. The National Health Information Sharing and Analysis Center (NH-ISAC), the Global Cybersecurity Alliance (GCA),...

Email Top Attack Vector in Healthcare Cyberattacks

A recent study conducted by HIMSS Analytics for email security firm Mimecast has revealed 78% of healthcare organizations have experienced a ransomware or malware attack in the past 12 months. Far from ransomware or malware attacks being occasional events, many of the healthcare organizations that...

Oklahoma Health Department Re-Notifies 47,000 of 2016 Data Breach

In April 2016, the Oklahoma Department of Human Services experienced a data breach, and while notifications were sent to affected individuals and the DHS’ Office of Inspector General shortly after the breach was detected, a breach notice was not submitted to the HHS’ Office for Civil Rights –...

UNC Health Care Breach Potentially Impacts 24,000 Patients

A computer used by UNC Dermatology & Skin Cancer Center in Chapel Hill, NC, has been stolen, exposing the protected health information of approximately 24,000 patients. The computer was stolen by thieves during a burglary on October 8, 2017. UNC Health Care said a database on the stolen...

City of Portland Apologizes for Sharing PHI of HIV Positive Patients Without Prior Consent

information with third parties without first obtaining consent from patients. That has led some patients and healthcare officials to believe the City of Portland violated HIPAA by sharing information on HIV-positive patients with the University of Southern Maine without first obtaining...

Oklahoma Health Department Re-Notifies 47,000 of 2016 Data Breach

In April 2016, the Oklahoma Department of Human Services experienced a data breach, and while notifications were sent to affected individuals and the DHS’ Office of Inspector General shortly after the breach was detected, a breach notice was not submitted to the HHS’ Office for Civil Rights –...

Is GoToMeeting HIPAA Compliant?

Is GoToMeeting HIPAA complaint? Can GoToMeeting be used by HIPAA-covered entities and their business associates for communicating protected health information without violating HIPAA Rules? GoToMeeting is an online meeting and video conferencing solution offered by LogMeIn. The service is one of...

Email Top Attack Vector in Healthcare Cyberattacks

A recent study conducted by HIMSS Analytics for email security firm Mimecast has revealed 78% of healthcare organizations have experienced a ransomware or malware attack in the past 12 months. Far from ransomware or malware attacks being occasional events, many of the healthcare organizations that...

Cottage Health Fined $2 Million By California Attorney General’s Office

Santa Barbara-based Cottage Health has agreed to settle a data breach case with the California attorney general’s office. Cottage Health will pay $2 million to resolve multiple violations of state and federal laws. Cottage Health was investigated by the California attorney general’s office over...

October 2017 Healthcare Data Breaches

In October 2017, there were 27 healthcare data breaches reported to the Department of Health and Human Services’ Office for Civil Rights. Those data breaches resulted in the theft/exposure of 71,377 patient and plan member records. October saw a significant fall in the number of reported...

Email Top Attack Vector in Healthcare Cyberattacks

A recent study conducted by HIMSS Analytics for email security firm Mimecast has revealed 78% of healthcare organizations have experienced a ransomware or malware attack in the past 12 months. Far from ransomware or malware attacks being occasional events, many of the healthcare organizations that...

Is GoToMeeting HIPAA Compliant?

Is GoToMeeting HIPAA complaint? Can GoToMeeting be used by HIPAA-covered entities and their business associates for communicating protected health information without violating HIPAA Rules? GoToMeeting is an online meeting and video conferencing solution offered by LogMeIn. The service is one of...

How to Make Your Email HIPAA Compliant

Many healthcare organizations would like to be able to send protected health information via email, but how do you make your email HIPAA compliant? What must be done before electronic PHI (ePHI) can be sent via email to patients and other healthcare organizations? How to Make Your Email HIPAA...

HHS Seeks Volunteers for HIPAA Administrative Simplification Optimization Project Pilot

The Department of Health and Human Services is running a HIPAA Administrative Simplification Optimization Project Pilot and is currently seeking volunteers to have compliance reviews. The aim of the pilot is to streamline HIPAA compliance reviews for health plans and healthcare...

In What Year Was HIPAA Passed into Legislature?

The Health Insurance Portability and Accountability Act or HIPAA was passed into legislature on August 21, 1996, when Bill Clinton added his signature to the bill. Initially, the purpose of HIPAA was to improve portability and continuity of health insurance coverage, especially for employees that...

HHS Issues Limited Waiver of HIPAA Sanctions and Penalties in California

The Secretary of the U.S. Department of Health and Human Services has issued a limited waiver of HIPAA sanctions and penalties in California. The waiver was announced following the presidential declaration of a public health emergency in northern California due to the wildfires. As was the case...