Latest Articles

The U.S. Department of Health and Human Services (DHHS) recently released Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients (HICP). DHHS states that the purpose of the HICP is to: Raise awareness of cybersecurity; Provide vetted cybersecurity practices; Move organizations towards consistency in mitigating cybersecurity threats to the sector; Aid health care and public health organizations to develop meaningful cybersecurity objectives and outcomes.…
On December 12, 2018, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), requested public comments on potential changes to the Health Insurance Portability and Accountability Act’s regulations (HIPAA) that are perceived to be burdensome by the industry. The Request for Information (RFI) focuses on HIPAA requirements that limit or discourage coordination of care without meaningfully contributing to the protection of the privacy or security of individual’s protected health information.…
The medical credentialing process, whether for a hospital, a hospital system or a health plan, has emerged as a potential early target for the application of blockchain technology and administration.1 It is a process that allows a secure database to be established over time and on a cumulative basis. Medical credentialing involves verifying whether a candidate meets the applicable educational and training prerequisites for the position sought — appointment to a hospital’s medical staff or the…
On September 26, 2018, a record settlement was reached between Uber and the attorneys general of all 50 states and the District of Columbia over the company’s 2016 data breach. While this case presents an extreme example of corporate misconduct on behalf of its former management, this settlement is unique in the imposition of stringent privacy protection requirements that Uber must incorporate into its business practices.…
So far 2017 is proving to be an active year for Health Insurance Portability and Accountability Act (HIPAA) enforcement. This comes on the heels of 2016, which saw an unprecedented level of enforcement actions, with 13 total settlements and nearly a 300 percent increase in total collected fines over 2015. To date in 2017, nine actions have been settled and the average settlement amount continues to outpace 2016.…
With the news of the newest international ransomware campaign that is currently affecting some organizations within the Health Care sector, it is important to not only educate staff on necessary precautions, but also be aware of steps to take in the instance you are infected by a ransomware attack. The following information was distributed  today by the Office of the National Coordinator (ONC).  Please take a moment to review the information and prepare your organization…