Indiana Security & Privacy Network

News

 

OCR Settlements

April has been a busy month for the OCR. As of the writing of this email, there has been 2 HIPAA settlements for potential violations of the HIPAA Security Rules, and 1 settlement for the potential violation of the Privacy Rules. Potential non-compliance of the...

read more

Medical Device Security Workshop

Friday, January 27 at 8:00 AM- 4:30 PM, @ Eskenazi Health 720 Eskenazi Avenue REGISTER HERE!! A chance to join other healthcare providers and medical device manufacturers in a free interactive forum. Lunch included. Topics Cybersecurity Landscape Medical Device...

read more

What Type of Authentication is Right for you?

Over the past years, the healthcare sector has been one of the biggest targets of cybercrime. Some of these cybercrimes resulted in breaches due to weak authentication, which has made healthcare entities take a second look at their safeguards and consider...

read more

Cloud Computing Guidance

With the proliferation and widespread adoption of cloud computing solutions, HIPAA covered entities and business associates are questioning whether and how they can take advantage of cloud computing, while complying with the HIPAA Rules.  In response, the HHS Office...

read more

Cyber Threat Information-Sharing

From HHS, Office of Civil Rights…. A recent news report indicated that criminal cyberattacks against health care entities have increased up to 125 percent compared to five years ago, and the average consolidated total cost of data breach was $3.8 million, which is a...

read more

HHS OCR Offers New Materials for Covered Entities

Earlier this year, HHS OCR finalized the rule under Section 1557 to advance health equity and reduce health disparities by strengthening protections for some of the populations that have been most vulnerable to discrimination in the health care context.  Section 1557...

read more

OCR’s Phase Two HIPAA Audits Have Begun

Phase Two of OCR’s HIPAA audit program, which officially began a couple of months ago, has officially kicked into high gear.   Selected covered entities have now received notification letters regarding their inclusion in the desk audit portion of the audit program. ...

read more

Your Money or Your PHI: New Guidance on Ransomware

One of the biggest current threats to health information privacy is the serious compromise of the integrity and availability of data caused by malicious cyber-attacks on electronic health information systems, such as through ransomware.  The FBI has reported an...

read more

Guidance and Resources for Long Term Care Facilities

The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has issued new guidance to assist long term care facilities in complying with their civil rights responsibilities and obligations under regulations by the HHS Centers for Medicare...

read more

What’s in Your Third-Party Application Software?

Recently, it has been reported that third-party application software security vulnerabilities are on the rise.  Third-party application software is designed to work within operating systems and to assist users in executing tasks on computers and other devices.  For...

read more

OCR Launches Phase 2 of HIPAA Audit Program

As a part of its continued efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the HHS Office for Civil Rights (OCR) has begun its next phase of audits of covered entities and their business associates.  Audits are an important...

read more

OCR Adds New Health App Use Scenarios to Developer Portal

Today, OCR posted new guidance on our mHealth Developer Portal [http://HIPAAQsportal.hhs.gov] to provide scenarios where the Health Insurance Portability and Accountability Act (HIPAA) regulations might apply to mobile health applications.  We hope these new scenarios...

read more

OCR Launches A New Cyber-Awareness Initiative

As we begin the New Year, OCR is launching a new Cyber-Awareness initiative to help our regulated community become more knowledgeable about the various security threats and vulnerabilities that currently exist in the healthcare sector; what security measures can be...

read more

INSPN Meeting

November 3, 2016 8:00 AM - 2:00 PM Agenda: [ws_table id="7"] Location: NEW MEETING LOCATION 500 North Meridian Street Indianapolis, IN  46204 Meeting will be in conference center in the basement of the building For questions about parking or the new location...

read more

OCR Launches Newly Redesigned Website!

Over the past several months, the HHS Office for Civil Rights has undertaken a full redesign of our website. We are thrilled to share with you the new www.hhs.gov/ocr, a more responsive, user-friendly platform. “Our website is a critical component of our outreach,...

read more

IHIMA Release of Information Guide

IHIMA Release of Information Guide The 2013 IHIMA Release of Information Guide has been updated in its entirety from the 2008 version. Indiana Health Information Management Announces a comprehensive publication revision will be delivered in a pdf format containing the...

read more

HITECH Act Report to Congress

HITECH Act Report to Congress The Health Information Technology for Economic and Clinical Health (HITECH) Act requires the Secretary of the Department of Health and Human Services ("the Secretary") to prepare and submit annual reports on breach notifications and...

read more

SecureWorld Indianapolis, 2014

SecureWorld Indianapolis, 2014 SecureWorld is again coming to Indianapolis, October 1, 2014. Keynote speakers include Dr. Larry Ponemon, founder of The Ponemon Institute, and Carl Herberger, Vice President of Security Solutions-Radware. CPE credits are available....

read more

The OCR Names New Director

The OCR Names New Director The Office for Civil Rights named Jocelyn Samuels as the next OCR director, according to govinfosecurity.com. Ms. Samuels formerly served as the acting assistant attorney general for the Civil Rights Division of the U.S. Department of...

read more

$800,000 HIPAA settlement in medical records dumping case

$800,000 HIPAA settlement in medical records dumping case Parkview Health System, Inc. has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule with the U.S. Department of Health and Human...

read more

Data breach results in $4.8 million HIPAA settlements

Data breach results in $4.8 million HIPAA settlements Two health care organizations have agreed to settle charges that they potentially violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules by failing to secure...

read more

Stolen laptops lead to important HIPAA settlements

Stolen laptops lead to important HIPAA settlements Two entities have paid the U.S. Department of Health and Human Services Office for Civil Rights (OCR) $1,975,220 collectively to resolve potential violations of the Health Insurance Portability and Accountability Act...

read more

County Government Settles Potential HIPAA Violations

County Government Settles Potential HIPAA Violations Skagit County, Washington, has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Breach Notification Rules.  Skagit County agreed...

read more

HHS settles with health plan in photocopier breach case

HHS settles with health plan in photocopier breach case Aug, 14, 2013 Under a settlement with the U.S. Department of Health and Human Services (HHS), Affinity Health Plan, Inc. will settle potential violations of the Health Insurance Portability and Accountability Act...

read more

Wellpoint settles HIPAA claim with HHS for $1.7M

Wellpoint settles HIPAA claim with HHS for $1.7M   Jul 11, 2013 The managed care company WellPoint Inc. has agreed to pay the U.S. Department of Health and Human Services (HHS) $1.7 million to settle potential violations of the Health Insurance Portability and...

read more

HHS Announces $400,000 HIPAA Enforcement Action

HHS Announces $400,000 HIPAA Enforcement Action May 22, 2013 HHS Announces $400,000 HIPAA Enforcement Action On Tuesday, May 21, 2013, the Department of Health and Human Services ("HHS") announced that it had reached a settlement with a State University ("University")...

read more

Feds ask firms about HIPAA audit experience

Feds ask firms about HIPAA audit experience March 20, 2013 By Joseph Conn Posted: March 20, 2013 - 12:01 am ET The top federal healthcare privacy and security regulator wants to know what officials from more than 100 organizations that have undergone privacy and...

read more

News

Subscribe to our e-Alerts

* = required field
Subscriber Type