On October 16, the FDA’s Center for Devices and Radiological Health and Homeland Security’s Office of Cybersecurity and Communications announced a partnership to address cybersecurity issues related to the utilization of medical devices. As healthcare professionals continue to rely on computer-based systems to monitor and treat patients effectively, cybersecurity threatens…
In July 2017, Georgia passed House Bill 249, transitioning the state’s Prescription Drug Monitoring Program (PDMP) from the Drug and Narcotic Agency to the Department of Public Health. “The goal of the Georgia PDMP is to reduce the misuse of controlled substances and to promote proper use of medications used…
Genetic testing companies, such as 23andMe, have become a craze in the United States within the last 10 to 15 years. 23andMe was formed with the purpose of informing its customers of their genetic health risks, carrier status, and ancestry information. After collecting DNA from saliva, the DNA is sent…
A Denver area Federally Qualified Health Center (FQHC) must pay $400,000 in fines and implement a corrective action plan for HIPAA violations that resulted from a hacker’s breach into the health center’s employee emails. The breach led to theft of electronic protected health information (ePHI) of 3,200 individuals. Although the…
The U.S. Department of Health & Human Services (HHS) announced its preparation to move into its next phase of audits of healthcare covered entities and their business associates. According to HHS, “[t]he 2016 Phase 2 HIPAA Audit Program will review the policies and procedures adopted and employed by covered entities…
HIPAA Audits 2015 Auditing is to Increase; Increased Contractors; Business Associates at Risk By: Brian L Tuttle, CHP, CHA, CPHIT, CBRA, CCNA, CISSP Well D-Day in the Health Insurance Portability and Accountability Act (HIPAA) world (September 23, 2013) has come and gone and we are all still here, the…
Although most health care providers understand in the abstract that they must comply with The Health Insurance Portability and Accountability Act of 1996 (HIPAA), many may not fully appreciate the legal and financial significance of noncompliance. More and more, the federal government utilizes HIPAA enforcement options to protect the public…
An unencrypted thumb drive cost a dermatology practice $150,000. On December 26, 2013, the U.S. Department of Health & Human Services (HHS) announced a settlement with Adult & Pediatric Dermatology, P.C. of Concord, Massachusetts (APD) of alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). APD,…
As a general rule of thumb for legal issues, being proactive tends to be much less expensive than being reactive. This general rule certainly applies to health care providers, their business associates and, now, business associate subcontractors with respect to changes required by the Health Insurance Portability and Accountability Act…
The U.S. Department of Health and Human Services (HHS) published the HIPAA final omnibus rule (Final Rule) on January 25, 2013. The Final Rule deals with required changes for medical practices and other health care providers that HHS determined are necessary to secure protected health information (PHI). As a result…