The Compliance INSIDER

Recently the Office for Civil Rights (OCR) announced a $100,000 settlement with a medical records company. In addition to paying $100,000, the medical records company agreed to take corrective action to settle the potential HIPAA Privacy and...

Imaging Service Company's Breach results in $3,000,000 Settlement The recent Office for Civil Rights (OCR) announcement of a settlement with a Tennessee diagnostic medical imaging services company due to a breach exposing 300,000...

In a recent, Breach Level Index report it was revealed that just in the first six months of 2018, 56% of the 4.5 billion data records that were compromised were from social media incidents. With 27% of all breach incidents being in the health...

Occasionally we are asked if users should logoff their computer if an automatic logoff procedure is already in place.  For example, after 10 minutes of inactivity the computer either activates a screen saver that is password protected or the...

On January 18, 2018 Allscripts experienced a ransomware attack that impacted their cloud based EHR and other services. At this time, Allscripts does not believe there is any reason to believe any data has been removed from their systems....

Trick-or-treating is a popular Halloween tradition in the United States, and other countries. Most of us associate "treats" with some form of candy, and "tricks" as possible pranks or other forms of mischief if a treat is not...

In our article last week we discussed when a cloud-based phone provider is considered a business associate. For many healthcare organizations, whether or not to take a walk on the cloud side of computing solutions may be a difficult decision....

Several years ago, Plain Old Telephone Service (POTS) was the most common option for communications over a telephone network. Now, there are a variety of other communications options to consider, such as cellular and Voice over IP (VoIP). While...

Not too long ago, "WannaCry," a ransomware attack significantly impacted organizations around the globe last month. Another attack – "Petya" – spread quickly impacting Microsoft Windows-based computers. These types...

Have you ever wondered how the U.S. Department of Health and Human Services (HHS) Office of Inspector General (OIG) determines future risk? As it turns out, the fraud risk indicator is OIG’s assessment of the future risk posed by...