Exploit Released for ‘PrintNightmare’ Zero-Day Windows Print Spooler RCE Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert following the publication of a proof of concept (PoC)…
The Healthcare Compliance News section of The HIPAA Journal provides current news and analyses related to healthcare compliance. It covers regulatory updates, healthcare violations, and guidelines for protecting patient data and managing healthcare compliance programs.
On April 22, 2024, the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology...
New York Attorney General, Letitia James, has announced a settlement with New York’s largest health network, Northwell Health, to resolve...
A recent analysis of healthcare websites by Lokker found widespread use of Meta Pixel tracking code. 33% of the analyzed...
The HHS Office of the National Coordinator for Health Information Technology (ONC) has provided an update to Congress on the...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that a $35,000 settlement has been...
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has proposed a rule that implements cyberattack and ransom...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert following the publication of a proof of concept (PoC)…
President Biden’s Cybersecurity Executive Order requires all federal agencies to reevaluate their approach to cybersecurity, develop new methods of evaluating…
Florida Governor Ron De Santis has signed the “Live Healthy” legislative package into law, which enhances current policies and includes...
U.S. Senator Bill Cassidy, M.D. (R-LA), ranking member of the Senate Health, Education, Labor, and Pensions (HELP) Committee, is seeking...
Companies in Florida may soon be immune from lawsuits if they suffer data breaches provided that prior to the cybersecurity...
The difference between health records and HIPAA Protected Health Information (PHI) is that, while many types of organizations can maintain...
The primary Healthcare Data Breach Report by HIPAA Journal analyzes and identifies trends in breaches of 500 or more records...
New legislation has been introduced that seeks to establish standards and protocols to improve the matching of patients with their...
Healthcare regulatory compliance is the practice of meeting or exceeding the requirements of all applicable federal, state, local, and industry...
Risk management in healthcare is the practice of analyzing healthcare practices and processes to identify risks and opportunities, assess their...
The National Institute of Standards and Technology (NIST) has published the final version of its guidance on implementing the HIPAA...
The deadline for reporting healthcare data breaches of fewer than 500 records is fast approaching. These small data breaches usually...
Integrated healthcare compliance management consists of managing a healthcare organization’s compliance obligations and activities holistically in order to avoid business...
The Office of the National Coordinator for Health Information Technology (ONC) at the Department of Health and Human Services (HHS)...
Healthcare data breach incident response and reporting is a key area of regulatory compliance for organizations in the healthcare industry,...
A bipartisan group of senators has formed a Medicare payment reform working group which is working on new legislation that...
The U.S. Food and Drug Administration (FDA) has issued draft guidance to help registrants of drug establishments in submitting reports...
Healthcare information management is the collection, protection, and analysis of patient health information to ensure the quality and availability of...
CIS Critical Security Control 18 in healthcare – often abbreviated to CIS CSC 18, or CIS Control 18 – is...
The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) has warned Memorial Mission Hospital...
ISO/IEC 27001 in healthcare is a standard for managing the security of confidential data that sets out a framework for...
Florida leads the way for Affordable Care Act health insurance with 4.2 million people in the state having signed up...
In the context of regulatory compliance, a gap analysis in healthcare is an assessment of the required level of regulatory...
The consequences of non-compliance in healthcare depend on the compliance obligations of the individual or entity, the nature of the...
Healthcare compliance program policies and procedures should consist of a combination of policies and procedures mandated by federal, state, and...
Healthcare compliance tracking software is a tool that helps healthcare organizations keep compliance programs on schedule by automating the management...
Compliance is important in healthcare because complying with the regulations that govern the healthcare industry can help avoid legal risks...
The Centers for Medicare and Medicaid Services (CMS) has announced record enrollments in Affordable Care Act (ACA) individual marketplace plans...
Outsourced healthcare compliance is when external experts or agencies take responsibility for some of an organization’s compliance obligations – either...
A clearinghouse in healthcare is a middleman between a healthcare provider and a health plan that checks claims from healthcare...
The Department of Health and Human Services (HHS) has unveiled the Cybersecurity Performance Goals (CPGs) that were outlined in its...
A healthcare compliance plan is a document that outlines the compliance obligations of a healthcare organization, lists what measures already...
Storing and Communicating Healthcare Information in Compliance with HIPAA When the Final Omnibus Rule enacted regulations within the Health Insurance...
There was no letup in healthcare data breaches as the year drew to a close, with December seeing the second-highest...
Healthcare compliance policy management is an important part of healthcare administration because it helps healthcare organizations and their workforces comply...
The challenge of compliance in multi-site medical practices is that different sites can have different approaches to governance, risk management,...
SOC 2 in healthcare is a privacy and security standard that can provide assurances to the C-Suite, to business partners,...
The scale of workplace violence in healthcare is unknown due to significant under-reporting; however, data from the Bureau of Labor...
A healthcare compliance program is a process of implementing policies and procedures that have been developed to support compliance with...
The best practices for preventing phishing attacks include technical defenses such as email filters, web filters, and access controls, and...
Assessing healthcare compliance gaps can be challenging due to first having to identify which healthcare regulations and standards an organization...
The Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (HTI-1) Final Rule was published in...
In the context of complying with HIPAA, HITRUST is one of the most commonly adopted Cyber Security Frameworks (CSFs) alongside...
HIPAA-regulated entities must ensure that protected health information (PHI) is safeguarded against unauthorized access, but many covered entities and business...
The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) has issued a final rule...
What is Malware? Before explaining how to protect hospital computers from malware, it is advisable to resolve any confusion about...
Due to way in which breaches of unsecured PHI are notified to HHS’ Office for Civil Rights, it is difficult...
Interoperability in healthcare means making sure information technology systems and software solutions work together seamlessly to exchange, interpret, and use...
Healthcare governance, risk management, and compliance (GRC) are the three components of an interconnected framework that can help healthcare organizations...
The case for compliance software in healthcare is that regulatory compliance in the healthcare industry is complicated by the volume...
Healthcare compliance certification can mean different things to different people. For individuals, healthcare compliance certification can mean they have completed...
The Government Accountability Office (GAO) has recommended the Food and Drug Administration (FDA) update its formal medical device agreement with...
Effective communication is essential in any business but even more so in healthcare. The effects of poor communication in healthcare...
Compliancy Group has been named the best healthcare compliance software provider by G2 in its Winter 2023 Reports. G2, (formerly...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published healthcare sector-specific guidance on enhancing cyber resilience. The guidance is...
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center (HC3) has released a threat report warning about...
In the absence of federal legislation to protect healthcare workers, Michigan has introduced a new law that expands the definition...
On Wednesday, the U.S. Department of Health and Human Services published a concept paper that outlines the HHS’s cybersecurity strategy...
A SOC 2 compliance checklist – also known as a SOC 2 audit checklist or SOC 2 assessment checklist –...
Fine-tuning healthcare workflow management to make improvements in efficiency, productivity, and profitability can be a difficult task, but when successful,...
Medical Eye Services (CA), Prospect Medical Services (CA), McAlester Regional Health Center (OK), PeakMed (CO), Catholic Charities of Long Island...
The HIPAA medical records destruction rules relate to the safeguards covered entities and business associates must implement to ensure Protected...
The American Academy of Family Physicians (AAFP) has responded to a request for information from Congress on a potential solution...
Communication in nursing is one of the most important aspects of the care profession because nurses work on the front...
The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) have collaborated and produced a cybersecurity...
In its October 2023 cybersecurity newsletter, the HHS’ Office for Civil Rights reminds HIPAA-regulated entities of the importance of sanctions...
September was a much better month for healthcare data privacy, with the lowest number of reported healthcare data breaches since...
There was a 21.4% month-over-month increase in healthcare data breaches in August. 68 data breaches of 500 or more records...
There was a 15.2% fall in reported data breaches in July with 56 breaches of 500 or more records reported...
On July 27, 2023, the bipartisan Value in Health Care Act was introduced and seeks to extend the 5% Medicare...
The Department of Health and Human Services’ Office for Civil Rights (OCR) breach portal shows a 12% month-over-month reduction in...
The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) has published a Coordinated Healthcare Incident Response...
Ransomware attacks increased by 91% in March 2023, according to a new analysis by NCC Group. There were 459 confirmed...
The dark web is extensively utilized by cybercriminals and is therefore a rich source of information… information that can be...
The Department of Justice has updated its guidance for the Evaluation of Corporate Compliance Programs to incorporate directions given by...
On Thursday last week, the U.S. Senate Committee on Homeland Security and Governmental Affairs held a hearing to examine cybersecurity...
This month, the Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) published guidance to help healthcare...
The Health Sector Cybersecurity Coordination Center (HC3) at the Department of Health and Human Services has issued a DDoS guide...
Blackberry has recently published its Global Threat Intelligence Report, which provides actionable and contextualized intelligence that can be used to...
For the first time since 2015, there was a year-over-year decline in the number of data breaches reported to the...
Healthcare ransomware attacks have at least doubled in the past 5 years, data recovery from backups has decreased, and it...
The Secretary of the Department of Health and Human Services (HHS) has proposed a new rule that will require the...
The National Institute of Standards and Technology (NIST) has released a draft Cybersecurity Framework Profile for Ransomware Risk Management to...
Healthcare compliance officers are prioritizing compliance with HIPAA Privacy and Security Rules, even though the majority of Department of Justice...
On Monday, the Trump Administration released its 2019 fiscal budget which includes major cuts to funding for the Department of...
Noncompliance with HIPAA can carry a significant cost for healthcare organizations, yet even though the penalties for HIPAA violations can...
The Senate is to vote on a national data breach notification bill – the Data Security and Breach Notification Act...
It has been a short stint as Secretary of the U.S. Department of Health and Human Services for Tom Price,...
The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC) has published its Final...
On Tuesday this week at the Splunk GovSummit in Washington D.C., The National Institute of Standards and Technology (NIST) unveiled...
The Department of Health and Human Services’ Office of the National Coordinator for Health IT (ONC) has issued guidance for...
Access to healthcare can be considered a basic human right, although many counties have different views on the services that...
A recent survey conducted by eFax aimed to discover some of the main issues faced by HIPAA-covered entities when it...
Is Your Organization HIPAA Compliant?
Find Out With Our Free HIPAA Compliance Checklist
Get Free Checklist