Dedicated to providing the latest
HIPAA compliance news

HHS Issues Partial HIPAA Privacy Rule Waiver in Hurricane Maria Disaster Zone
Sep22

HHS Issues Partial HIPAA Privacy Rule Waiver in Hurricane Maria Disaster Zone

The U.S. Department of Health and Human Services has already issued two partial waivers of HIPAA sanctions and penalties in areas affected by hurricanes this year. Now a third HIPAA waiver has been issued, this time in the Hurricane Maria disaster area in Puerto Rico and the U.S. Virgin Islands. As was the case with the waivers issued in relation to Hurricane Harvey and Hurricane Irma, the waiver only applies to covered entities in...

Read More
HIPAA Business Associate Data Breach Impacts 21,856 Individuals
Sep21

HIPAA Business Associate Data Breach Impacts 21,856 Individuals

The importance of reviewing system activity logs has been underscored by recent HIPAA business associate data breach. Nebraska-based CBS Consolidated Inc., doing business as Cornerstone Business & Management Solutions, conducted a routine review of system logs on July 10, 2017 and discovered an unfamiliar account on the server. Closer examination of that account revealed it was being used to download sensitive data from the...

Read More
Fall in Healthcare Data Breaches in August: Rise in Breach Severity
Sep21

Fall in Healthcare Data Breaches in August: Rise in Breach Severity

Healthcare data breaches have fallen for the second month in a row, according to the latest installment of the Breach Barometer report from Protenus/Databreaches.net. In August, there were 33 reported healthcare data breaches, down from 36 incidents in July and 56 in June. While the reduction in data breaches is encouraging, that is still more than one healthcare data breach per day. August may have been the second best month of the...

Read More
The Compliancy Group Helps Imperial Valley Family Care Medical Group Pass HIPAA Audit
Sep20

The Compliancy Group Helps Imperial Valley Family Care Medical Group Pass HIPAA Audit

The Department of Health and Human Services’ Office for Civil Rights commenced the second round of HIPAA compliance audits late last year. The audit program consists of desk-based audits of HIPAA-covered entities and business associates, followed by a round of in-depth audits involving site visits. The desk audits have been completed, with the site audits put on hold and expected to commence in early 2018. Only a small number of...

Read More
1,081 St. Louis Patients Alerted About Improper PHI Disclosure
Sep20

1,081 St. Louis Patients Alerted About Improper PHI Disclosure

1,081 patients of the MS Center of Saint Louis and Mercy Clinic Neurology Town and Country are being informed that they may be contacted for marketing and research purposes by pharmaceutical companies and other third-parties, even though they may not have given their permission to be contacted. HIPAA Rules do not permit patients to be contacted for marketing or research purposes unless consent to do so has first been obtained....

Read More