News and Toolkit Updates
From the PrivaPlan Blog
HHS reduces maximum civil penalties for HIPAA violations
The HHS published a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties that changes the interpretation of fines for violations defined under the HITECH Act, effectively reducing some of the annual limits.
Email breaches in three states expose protected health information
Three email system breaches in three states exposed protected health information and each healthcare entity is stepping up efforts so it won't happen again.
PrivaPlan advises rural health care staff to train, train and retrain
Train, train and retrain is at the top of PrivaPlan’s list of practical solutions for being HIPAA compliant.
PrivaPlan HIPAA Certification Program promotes culture of compliance
PrivaPlan’s HIPAA Certification Program is giving healthcare professionals access to what had once been next to impossible to find: a one-stop shop to become a certified HIPAA expert.
Judge rules in favor of OCR, orders cancer center to pay $4.3 for HIPAA violations
A HHS Administrative Law Judge has ruled that MD Anderson violated HIPAA and is requiring the Texas cancer center to pay $4.3 million in penalties to the OCR.
W-2 phishing season is here…again
As the tax season gets underway, you can bet that cyber criminals are doing their tax preparations for W-2 phishing; they’re preparing to dupe hundreds of payroll and HR departments into providing W-2 data on their employees.
Phishing scam exposes PHI of patients at Colorado Mental Health Institute
As the year comes to an end, there appears to be no end in sight for healthcare data hacks. An employee at the Colorado Mental Health Institute at Pueblo recently fell for a phishing scam that potentially exposed the PHI of 650 patients.
Latest HIMSS cybersecurity report: threats rise, so does security
The August 2017 HIMSS Cybersecurity Report indicates that respondents are taking proactive steps to stay ahead of security threats.
A new cyber threat is also a HIPAA Security threat
Recent analysis of a new variant of what appeared to be ransomware turns out instead to be malicious software that erases files on computers.
Survey finds 68% healthcare employees will share sensitive info
Results from a recent survey reveal that 68% of healthcare employees occasionally share confidential or regulated data.
HIPAA settlement proves value of audit controls
Having policies and procedures in place is good, as long as you have audit controls to ensure they’re implemented, unlike this Florida healthcare system.
Join Oct. 12 webcast: BAs, HIPAA Risk Management
More and more, HIPAA breaches are caused by the Business Associates of HIPAA covered entities. Learn how to manage these risks in Oct. 12 webcast.
OCR is stepping up its investigations of smaller breaches
The OCR has begun an initiative to more widely investigate the root causes of smaller breaches affecting fewer than 500 individuals.
Sign up for June 20 webcast: MACRA + MIPS, Education and Action Planning
Join David Ginsberg, CEO of PrivaPlan Associates, Inc., as he addresses the not-so-distant future of Medicare payment reform and how this will affect meaningful use and planning for certified electronic health records.
David Ginsberg explains new HIPAA audits in webinar
PrivaPlan President David Ginsberg leads June 28 webinar hosted by CORHIO about new HIPAA audits of covered entities and their business associates.
Are chiropractors required by law to be HIPAA compliant?
Watch the included video from PrivaPlan President David Ginsberg who answers this very question.