News

 

Register for InSPN’s November 3rd Quarterly Meeting

Register for InSPN's November 3rd Quarterly MeetingDear InSPN Members and Supporters, Please join us on November 3, 2022, for another in-person meeting!We are excited to offer 3 excellent presentations as well as our vendor fair. State of Indiana Cybersecurity...

read more

Register for InSPN’s August 4 Quarterly Meeting

Register for InSPN's August 4 Quarterly Meeting   Dear InSPN Member and Supporter, Join us on August 4, 2022, for our in-person meeting. We look forward to networking and live discussions! We have 3 great presentations: Joseph L. ChaneySpecial Agent, FBI...

read more

Register for InSPN’s May 5th Quarterly Meeting

Register for InSPN's May 5th Quarterly MeetingWe are very excited to have Brian Nussbaum as our keynote speaker. Brian is an assistant professor in the College of Emergency Preparedness, Homeland Security and Cybersecurity at the University at Albany. He focuses on...

read more

Registration is Open for InSPN Quarterly Meeting

Registration is Open for InSPN Quarterly MeetingDear InSPN Member and Supporter, Please plan to join the InSPN board of directors and your peers at our November 4, 2021, hybrid meeting. We will be meeting in person again at our 500 North Meridian conference center, as...

read more

OCR Settlements

April has been a busy month for the OCR. As of the writing of this email, there has been 2 HIPAA settlements for potential violations of the HIPAA Security Rules, and 1 settlement for the potential violation of the Privacy Rules. Potential non-compliance of the...

read more

What Type of Authentication is Right for you?

Over the past years, the healthcare sector has been one of the biggest targets of cybercrime. Some of these cybercrimes resulted in breaches due to weak authentication, which has made healthcare entities take a second look at their safeguards and consider...

read more

Cloud Computing Guidance

With the proliferation and widespread adoption of cloud computing solutions, HIPAA covered entities and business associates are questioning whether and how they can take advantage of cloud computing, while complying with the HIPAA Rules.  In response, the HHS Office...

read more

Cyber Threat Information-Sharing

From HHS, Office of Civil Rights…. A recent news report indicated that criminal cyberattacks against health care entities have increased up to 125 percent compared to five years ago, and the average consolidated total cost of data breach was $3.8 million, which is a...

read more

HHS OCR Offers New Materials for Covered Entities

Earlier this year, HHS OCR finalized the rule under Section 1557 to advance health equity and reduce health disparities by strengthening protections for some of the populations that have been most vulnerable to discrimination in the health care context.  Section 1557...

read more

OCR’s Phase Two HIPAA Audits Have Begun

Phase Two of OCR’s HIPAA audit program, which officially began a couple of months ago, has officially kicked into high gear.   Selected covered entities have now received notification letters regarding their inclusion in the desk audit portion of the audit program. ...

read more

Your Money or Your PHI: New Guidance on Ransomware

One of the biggest current threats to health information privacy is the serious compromise of the integrity and availability of data caused by malicious cyber-attacks on electronic health information systems, such as through ransomware.  The FBI has reported an...

read more

Guidance and Resources for Long Term Care Facilities

The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has issued new guidance to assist long term care facilities in complying with their civil rights responsibilities and obligations under regulations by the HHS Centers for Medicare...

read more

What’s in Your Third-Party Application Software?

Recently, it has been reported that third-party application software security vulnerabilities are on the rise.  Third-party application software is designed to work within operating systems and to assist users in executing tasks on computers and other devices.  For...

read more

OCR Launches Phase 2 of HIPAA Audit Program

As a part of its continued efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the HHS Office for Civil Rights (OCR) has begun its next phase of audits of covered entities and their business associates.  Audits are an important...

read more

OCR Adds New Health App Use Scenarios to Developer Portal

Today, OCR posted new guidance on our mHealth Developer Portal [http://HIPAAQsportal.hhs.gov] to provide scenarios where the Health Insurance Portability and Accountability Act (HIPAA) regulations might apply to mobile health applications.  We hope these new scenarios...

read more

OCR Launches A New Cyber-Awareness Initiative

As we begin the New Year, OCR is launching a new Cyber-Awareness initiative to help our regulated community become more knowledgeable about the various security threats and vulnerabilities that currently exist in the healthcare sector; what security measures can be...

read more

OCR Launches Newly Redesigned Website!

Over the past several months, the HHS Office for Civil Rights has undertaken a full redesign of our website. We are thrilled to share with you the new www.hhs.gov/ocr, a more responsive, user-friendly platform. “Our website is a critical component of our outreach,...

read more