Mystic Valley Elder Services Agrees to Settle Class Action Data Breach Lawsuit for $520,000
The Malden, Massachusetts-based Mystic Valley Elder Services has agreed to pay $520,000 to settle a consolidated class action lawsuit stemming…
The Healthcare Compliance News section of The HIPAA Journal provides current news and analyses related to healthcare compliance. It covers regulatory updates, healthcare violations, and guidelines for protecting patient data and managing healthcare compliance programs.
Delta Dental Insurance and Delta Dental of New York (Delta Dental) have agreed to pay a fine of $2.25 million...
House Republicans have made a fresh attempt to introduce federal data privacy legislation that, if passed, will replace the current...
The Maine House of Representatives has voted unanimously to advance a bill that seeks to strengthen cybersecurity at Maine hospitals...
Texas Governor Greg Abbott has ordered all state agencies and state-owned medical facilities to conduct an audit of patient monitoring...
At a Thursday hearing, the Senate Health, Education, Labor and Pensions (HELP) Committee heard testimony from Thomas Keane, M.D., M.B.A.,...
The U.S. Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) plans to use artificial...
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert following the publication of a proof of concept (PoC)…
The HIPAA Journal has compiled healthcare data breach statistics from October 2009, when the Department of Health and Human Services...
An audit of the Department of Veterans Affairs Spokane Healthcare System in Washington state by the Department of Veterans Affairs...
An audit of the Utah Department of Health and Human Services (DHHS) by the Office of the Utah State Auditor...
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has established a civil enforcement program for...
Settlements have been agreed to resolve class action lawsuits over healthcare data breaches experienced by Alabama Cardiovascular Group, Carolina Arthritis...
The HIPAA medical records destruction rules relate to the safeguards covered entities and business associates must implement to ensure Protected...
The consequences of non-compliance in healthcare depend on the compliance obligations of the individual or entity, the nature of the...
Healthcare regulatory compliance is the practice of meeting or exceeding the requirements of all applicable federal, state, local, and industry...
Senator Ron Wyden (D-OR) is pushing electronic health record (EHR) vendors to add features to their products to give patients...
The New York Health Information Privacy Act (NYHIPA) was passed by the New York Assembly and Senate earlier this year...
The Mental Health Parity and Addiction Equity Act (MHPAEA) requires health insurers and group health plans that offer mental health...
Last week, the Department of Health and Human Services (HHS) published its artificial intelligence (AI) strategy – a plan for...
The risk of sending unwanted marketing communications to consumers has been highlighted by a $10.5 million settlement with Kaiser Foundation...
New legislation – the Health Information Privacy Reform Act – has been introduced to improve privacy protections for health information...
The American Hospital Association (AHA) has responded to a September 2025 request for information (RFI) from the Office of Science...
California Governor Gavin Newsom has added his signature to a bill that strengthens privacy protections for individuals seeking or receiving...
Individuals and businesses that do business in the state of California will soon be required to notify individuals affected by...
There has been a 13.7% month-over-month increase in large healthcare data breaches, with 58 breaches affecting 500 or more individuals...
Next month, the New York State Department of Health (DOH) cybersecurity regulation for general hospitals comes into force, and all...
The Department of Health and Human Services (HHS) has announced it will start cracking down on healthcare entities that engage...
Healthcare providers in Florida could have new data breach reporting requirements if a recently proposed Florida Administrative Code Regulation Rule...
Texas Governor Greg Abbott has signed a bill into law that provides physicians in the state with a 3-day window...
Healthplex, one of the largest providers of dental health insurance programs in New York State, has agreed to a settlement...
The Federal Trade Commission (FTC) has announced settlements with two healthcare companies to resolve claims that they misled consumers seeking...
Users of the Flo Period & Ovulation Tracker app (Flo App) who sued Facebook (Meta) and others over the alleged...
Oklahoma has enacted a bill that amends its data breach notification statute. The definition of personal information warranting notifications has...
The Governor of Texas has added his signature to a bill regulating the storage and security of electronic health records...
California has agreed to a $1.55 million settlement with Healthline Media LLC to resolve alleged violations of the California Consumer...
Small businesses in Texas have been given protection from liability in data breach lawsuits if they implement and maintain a...
A coalition of 22 state attorneys general has written to the American Hospital Association (AHA) to remind hospitals that they...
The Federal Trade Commission (FTC) has proposed a $1.9 million settlement to resolve claims that Evoke Wellness, a Florida-based substance...
Companion bills have recently been introduced in the House of Representatives and the Senate that seek to make violent attacks...
Healthcare compliance software is a comprehensive management tool that helps chief compliance officers to effectively oversee compliance efforts across their organization's facilities, by proactively managing risk, streamlining workflows, improving collaboration, and demonstrating the achievement of compliance objectives to stakeholders.
There have been a further two appointments to leadership positions at the U.S. Department of Health and Human Services (HHS)....
Last week, the Trump administration rescinded guidance issued by the CMS in July 2022 regarding hospitals’ obligations under the Emergency...
The Oklahoma legislature has updated the Security Breach Notification Act, expanding the definition of personal information that warrants breach notifications,...
The state of Rhode Island has released a summary of the findings of an investigation by the cybersecurity firm CrowdStrike...
The California health insurance exchange, Covered California, has been found to be sharing sensitive data with LinkedIn via website trackers,...
The Michigan House of Representatives has passed a bill (HB 4242) that seeks to protect the sensitive health data of...
A Federal judge recently vacated a Final Rule proposed by the U.S. Food and Drug Administration (FDA) that sought to...
Communication in nursing is one of the most important aspects of the care profession because nurses work on the front...
An 834 file in healthcare is a benefit enrollment and maintenance file used to electronically exchange information about health plan...
Compliance is important in healthcare because complying with regulations that govern the healthcare industry can help avoid legal risks and...
A SOC 2 compliance checklist – also known as a SOC 2 audit checklist or SOC 2 assessment checklist –...
Risk management in healthcare is the practice of analyzing healthcare practices and processes to identify risks and opportunities, assess their...
Anti-kickback training for healthcare professionals is an essential element of a compliance training program and is mandated for all members...
Fraud, waste, and abuse training in healthcare is important to educate workforce members on federal laws and regulations designed to...
Last week, Virginia Governor Glenn Youngkin added his signature to S.B. 354, updating the Virginia Consumer Protection Act to prohibit...
Earlier this month, a bipartisan pair of senators reintroduced the Genomic Data Protection Act, which aims to regulate the genetic...
In April 2024, Kentucky joined the growing number of states that have adopted comprehensive consumer privacy and data protection laws....
One of the requirements of the Health Insurance Portability and Accountability Act of 1996 was the introduction of a national...
A database containing approximately 1.6 million clinical trial records has been exposed over the Internet and could be accessed without...
House Republicans have formed a working group to draft privacy legislation that will set federal privacy standards to replace the...
The non-profit civil liberties organization, Electronic Frontier Foundation (EFF), has written to Attorneys General in Arkansas, Florida, Missouri, and Texas,...
The Department of Government Efficiency (DOGE) staff has been provided access to key payment and contracting systems at the HHS...
A lawsuit has been filed against the Rhode Island Quality Institute (RIQI) by a former HIPAA officer who alleges she...
The New York Attorney General has warned New York hospitals that they must continue to provide gender-affirming care to minors,...
Sen. Elizabeth Warren (D-MA) has written to Robert F. Kennedy Jr. seeking answers about his plans for HHS policies and...
The challenge of HIPAA compliance in multi-site medical practices is that different sites can have different approaches to governance, risk...
In late December 2024, the Governor of New York, Kathy Hochul, signed two bills into law updating the New York...
The Department of Health and Human Services (HHS) issued two final rules related to interoperability and information blocking. The final...
Texas Attorney General Ken Paxton has filed a lawsuit in the District Court of Collin County, Texas, against a New...
Two bipartisan bills that modernize and streamline reporting requirements under the Affordable Care Act and reduce burdensome healthcare reporting requirements...
A new bill has been introduced in the Senate that seeks to prevent data brokers from engaging in “unfair and...
The Federal Trade Commission has taken action against two data brokers for alleged FTC Act violations related to the collection,...
In August, Texas Governor Greg Abbott issued an Executive Order (GA-46) directing the Texas Health and Human Services Commission (HHSC)...
Boston Children’s Hospital has been ordered to pay a former employee almost $1.9 million for retaliating against her for filing...
The Health Sector Cybersecurity Coordination Center (HC3) has issued an Analyst Note to raise awareness of a stealthy backdoor –...
The New York multi-site medical practice, Albany ENT & Allergy Services, has agreed to pay a $500,000 financial penalty to...
New compliance requirements are on the horizon as the HHS’ Office for Civil Rights (OCR) expects to publish a notice...
The term incident reporting in healthcare refers to the processes developed to report or escalate an incident that affects patients,...
Reviewing recent examples of HIPAA violations in healthcare can help identify trends in non-compliance so that HIPAA covered entities and...
An IDN in healthcare is an Integrated Delivery Network – an umbrella term for any type of arrangement in which...
California Attorney General Rob Bonta is suing the owners of Providence St. Joseph Hospital in Eureka, CA, for denying a...
The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has imposed a $240,000 civil monetary penalty...
Senate Finance Committee Chair Ron Wyden (D-OR) has written to 8 hospitals in states with abortion bans following reports they...
Texas Attorney General Ken Paxton has announced that an agreement has been reached with a Texas-based artificial intelligence healthcare technology...
Meaningful use in healthcare is a term used to describe the requirements adopted and subsequently amended by HHS’ Centers for...
The anti-kickback law in healthcare is a federal law that prohibits individuals and organizations from offering, paying, soliciting, or receiving...
A health insurer has been ordered to repay almost $7.7 million to the New York state Medicaid program after using...
An ABN in healthcare is an Advanced Beneficiary Notice of Non-Coverage given to a Medicare beneficiary by a healthcare provider...
The Biden Administration has issued final rules updating the Mental Health Parity and Addiction Equity Act of 2008 (MHPAEA) to...
The Administrative Simplification Compliance Act is an Act passed in 2001 that requires healthcare providers and medical equipment suppliers to...
Ten days after filing its notice to appeal a District Court ruling that vacated its tracking technology guidance, the Department...
Breaches of patient confidentiality – defined as disclosures of private information without the patient’s consent – occur more often than...
The use of social media in healthcare can be beneficial or risky depending on how it is used and how...
Information blocking in healthcare is any practice by a healthcare provider, certified health IT developer, or Health Information Network (collectively...
Patient compliance in healthcare is generally considered to be the degree to which patients follow the instructions of their healthcare...
Two complaints have been filed with the Department of Health and Human Services (HHS) alleging regulatory noncompliance at two Texas...
An FQHC in healthcare is a Federally Qualified Health Center that provides low cost “safety net” medical services in an...
The Department of Health and Human Services (HHS) has applied the annual inflation update to its civil monetary penalty (CMP)...
DME in healthcare stands for durable medical equipment – defined by CMS as equipment that is used for medical purposes...
An NPI in healthcare is a ten-digit numeric National Provider Identifier issued by the Centers for Medicare and Medicaid Services...
A PACS in healthcare is a Picture Archiving and Communications System – a digital system used to store, retrieve, and...
The National Women’s Law Center and Mylissa Farmer have filed a lawsuit against the University of Kansas Health System and...
The False Claims Act in healthcare is a law that can be used by government agencies to take enforcement action...
Several major healthcare cyberattacks have been reported in the first half of 2024, including a ransomware attack on Ascension that...
PCI compliance in healthcare means securing payment account data in compliance with the Payment Card Industry Data Security Standard (PCI...
EDI in healthcare stands for Electronic Data Interchange – a system for securely transmitting information between healthcare providers, health care...
FISMA compliance is compliance with applicable standards and guidelines developed by the National Institute of Standards and Technology (NIST) following...
The confidentiality definition in healthcare is an ethical obligation to preserve authorized restrictions on access to – and disclosures of...
On 11 July 2024, Senate Committee on Commerce, Science and Transportation Chair Maria Cantwell (D-WA) held a full committee hearing,...
District of Columbia Attorney General Brian L. Schwalb recently introduced the Consumer Health Information Privacy Protection Act of 2024 (CHIPPA) to better...
In April, as required by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), the Cybersecurity and Infrastructure...
National healthcare spending in the United States amounted to $4.464 trillion in 2022 and was mostly funded by Federal health...
The Department of Health and Human Services (HHS) has published a final rule that sets financial disincentives for healthcare providers...
Personal healthcare spending in the United States averages $11,197 per person according to the latest National Health Expenditure data published...
Data protection regulators in the United Kingdom and Canada have launched a joint investigation of 23andMe over its 2023 data...
An audit of Bedford VA Healthcare System in Massachusetts by the Department of Veterans Affairs Office of Inspector General (VA-OIG)...
A recent survey of IT professionals has revealed that 37% of healthcare organizations* do not have a security incident response...
The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) has created a new web...
The American Privacy Rights Act (APRA), the successor of the American Data Privacy and Protection Act (ADPPA), has been criticized...
The Health Information Technology for Economic and Clinical Health Act (HITECH) Act of 2009 requires the HHS’ Office for Civil...
On May 6, 2024, lawmakers in Connecticut passed a bill that improves protections for home care workers and requires healthcare...
On April 22, 2024, the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology...
New York Attorney General, Letitia James, has announced a settlement with New York’s largest health network, Northwell Health, to resolve...
Mentions of ransomware in healthcare breach notifications have been in decline for some years despite evidence demonstrating that the number...
A federal data privacy law is inching closer to reality, with House and Senate Committee leaders reportedly having reached an...
A recent analysis of healthcare websites by Lokker found widespread use of Meta Pixel tracking code. 33% of the analyzed...
The HHS Office of the National Coordinator for Health Information Technology (ONC) has provided an update to Congress on the...
The Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that a $35,000 settlement has been...
HIPAA gives parents the right to access the medical records of their minor children but Kentucky lawmakers want to make...
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has proposed a rule that implements cyberattack and ransom...
Florida Governor Ron DeSantis has signed the “Live Healthy” legislative package into law, which enhances current policies and includes...
U.S. Senator Bill Cassidy, M.D. (R-LA), ranking member of the Senate Health, Education, Labor, and Pensions (HELP) Committee, is seeking...
Patient confidentiality and HIPAA compliance are not the same thing because although one of the primary goals of HIPAA is...
Companies in Florida may soon be immune from lawsuits if they suffer data breaches provided that prior to the cybersecurity...
The difference between health records and HIPAA Protected Health Information (PHI) is that, while many types of organizations can maintain...
Senator Bill Cassidy (R-LA), Ranking Member of the U.S. Senate Health, Education, Labor, and Pensions (HELP) Committee, has published a...
New legislation has been introduced that seeks to establish standards and protocols to improve the matching of patients with their...
The FDA regulation of medical devices is conducted via the Administration’s Center for Devices and Radiological Health (CDRH), which not...
The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group, a public-private industry council of more than 400...
U.S. Senator Ron Wyden (D-OR) has written to the Federal Trade Commission (FTC) and the Securities and Exchange Commission (SEC)...
California Attorney General Rob Bonta has announced that a $5 million settlement has been agreed with Quest Diagnostics to resolve...
The National Institute of Standards and Technology (NIST) has published the final version of its guidance on implementing the HIPAA...
The deadline for reporting healthcare data breaches of fewer than 500 records is fast approaching. These small data breaches usually...
Integrated healthcare compliance management consists of managing a healthcare organization’s compliance obligations and activities holistically in order to avoid business...
The Office of the National Coordinator for Health Information Technology (ONC) at the Department of Health and Human Services (HHS)...
Healthcare data breach incident response and reporting is a key area of regulatory compliance for organizations in the healthcare industry,...
A bipartisan group of senators has formed a Medicare payment reform working group which is working on new legislation that...
The U.S. Food and Drug Administration (FDA) has issued draft guidance to help registrants of drug establishments in submitting reports...
Healthcare information management is the collection, protection, and analysis of patient health information to ensure the quality and availability of...
CIS Critical Security Control 18 in healthcare – often abbreviated to CIS CSC 18, or CIS Control 18 – is...
The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) has warned Memorial Mission Hospital...
ISO/IEC 27001 in healthcare is a standard for managing the security of confidential data that sets out a framework for...
Florida leads the way for Affordable Care Act health insurance with 4.2 million people in the state having signed up...
In the context of regulatory compliance, a gap analysis in healthcare is an assessment of the required level of regulatory...
Hospital regulatory compliance means complying with the applicable standards of federal regulations such as HIPAA and OSHA, the conditions for...
Healthcare compliance program policies and procedures should consist of a combination of policies and procedures mandated by federal, state, and...
Healthcare compliance tracking software is a tool that helps healthcare organizations keep compliance programs on schedule by automating the management...
The Centers for Medicare and Medicaid Services (CMS) has announced record enrollments in Affordable Care Act (ACA) individual marketplace plans...
Outsourced healthcare compliance is when external experts or agencies take responsibility for some of an organization’s compliance obligations – either...
The Department of Health and Human Services (HHS) has unveiled the Cybersecurity Performance Goals (CPGs) that were outlined in its...
A healthcare compliance plan is a document that outlines the compliance obligations of a healthcare organization, lists what measures already...
To mark what would have been the 51st anniversary of Roe v. Wade, the White House Task Force on Reproductive...
The Federal Trade Commission (FTC) has proposed a settlement with the digital marketing platform provider and data aggregator InMarket Media...
Storing and Communicating Healthcare Information in Compliance with HIPAA
When the Final Omnibus Rule enacted regulations within the Health Insurance...
There was no letup in healthcare data breaches as the year drew to a close, with December seeing the second-highest...
Healthcare compliance policy management is an important part of healthcare administration because it helps healthcare organizations and their workforces comply...
The Federal Trade Commission (FTC) has announced its first settlement with a data broker over the sale of the precise...
SOC 2 in healthcare is a privacy and security standard that can provide assurances to the C-Suite, to business partners,...
The scale of workplace violence in healthcare is unknown due to significant under-reporting; however, data from the Bureau of Labor...
A healthcare compliance program is a process of implementing policies and procedures that have been developed to support compliance with...
Assessing healthcare compliance gaps can be challenging due to first having to identify which healthcare regulations and standards an organization...
The Health Data, Technology, and Interoperability: Certification Program Updates, Algorithm Transparency, and Information Sharing (HTI-1) Final Rule was published in...
In the context of complying with HIPAA, HITRUST is one of the most commonly adopted Cyber Security Frameworks (CSFs) alongside...
HIPAA-regulated entities must ensure that protected health information (PHI) is safeguarded against unauthorized access, but many covered entities and business...
The Department of Health and Human Services (HHS) Centers for Medicare and Medicaid Services (CMS) has issued a final rule...
What is Malware? Before explaining how to protect hospital computers from malware, it is advisable to resolve any confusion about...
Due to the way in which breaches of unsecured PHI are notified to HHS’ Office for Civil Rights, it is difficult...
Interoperability in healthcare means making sure information technology systems and software solutions work together seamlessly to exchange, interpret, and use...
Healthcare governance, risk management, and compliance (GRC) are the three components of an interconnected framework that can help healthcare organizations...
The case for compliance software in healthcare is that regulatory compliance in the healthcare industry is complicated by the volume...
The transition from paper files and charts to electronic health records (EHRs) promised to transform healthcare, but without full EHR...
The Government Accountability Office (GAO) has recommended the Food and Drug Administration (FDA) update its formal medical device agreement with...
Compliancy Group has been named the best healthcare compliance software provider by G2 in its Winter 2023 Reports. G2, (formerly...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published healthcare sector-specific guidance on enhancing cyber resilience. The guidance is...
On Monday, three Democratic Senators wrote to the Secretary of the Department of Health and Human Services (HHS) Xavier Becerra...
In the absence of federal legislation to protect healthcare workers, Michigan has introduced a new law that expands the definition...
Washington University (WU) is seeking confirmation from the court about whether Missouri Attorney General Andrew Bailey has the legal authority...
On December 5, 2023, the Joint Commission launched the Responsible Use of Health Data (RUHD) Certification program for U.S. hospitals...
On Wednesday, the U.S. Department of Health and Human Services published a concept paper that outlines the HHS’s cybersecurity strategy...
Fine-tuning healthcare workflow management to make improvements in efficiency, productivity, and profitability can be a difficult task, but when successful,...
On October 30, 2023, President Biden announced an executive order that establishes new standards to ensure the safe, secure, and...
Medical Eye Services (CA), Prospect Medical Services (CA), McAlester Regional Health Center (OK), PeakMed (CO), Catholic Charities of Long Island...
The American Academy of Family Physicians (AAFP) has responded to a request for information from Congress on a potential solution...
Earlier this month, the direct-to-consumer genetic testing company 23andMe issued a security alert after the genetic ancestry information of its...
The Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) have collaborated and produced a cybersecurity...
In its October 2023 cybersecurity newsletter, the HHS’ Office for Civil Rights reminds HIPAA-regulated entities of the importance of sanctions...
September was a much better month for healthcare data privacy, with the lowest number of reported healthcare data breaches since...
Dear Sen. Cassidy, The HIPAA Journal appreciates the opportunity to submit comments per your September 7, 2023, request for information...
There was a 21.4% month-over-month increase in healthcare data breaches in August. 68 data breaches of 500 or more records...
There was a 15.2% fall in reported data breaches in July with 56 breaches of 500 or more records reported...
Vanderbilt University Medical Center is being investigated by the Department of Health and Human Services’ Office for Civil Rights (OCR)...
Given the number of healthcare data breaches that are now being reported it is no surprise that patients are concerned...
On July 27, 2023, the bipartisan Value in Health Care Act was introduced and seeks to extend the 5% Medicare...
There is a common misconception that the Health Insurance Portability and Accountability Act (HIPAA) applies to health apps; however, the...
The Department of Health and Human Services’ Office for Civil Rights (OCR) breach portal shows a 12% month-over-month reduction in...
The Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) has published a Coordinated Healthcare Incident Response...
A San Francisco-based company that sells DNA test kits and personalized diet and exercise plans based on genetic testing has...
A group of 10 Senators has written to Google demanding answers about its policies for deleting sensitive location data, such...
The American Hospital Association (AHA) has urged the HHS’ Office for Civil Rights to rethink its guidance on online tracking...
Ransomware attacks increased by 91% in March 2023, according to a new analysis by NCC Group. There were 459 confirmed...
Last month, the U.S. House of Representatives’ Committee on Energy and Commerce held the third of three scheduled meetings ahead...
Washington state is on the brink of enacting a new law that will considerably expand privacy protections for consumer health...
The dark web is extensively utilized by cybercriminals and is therefore a rich source of information… information that can be...
The Department of Justice has updated its guidance for the Evaluation of Corporate Compliance Programs to incorporate directions given by...
On Thursday last week, the U.S. Senate Committee on Homeland Security and Governmental Affairs held a hearing to examine cybersecurity...
This month, the Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group (CWG) published guidance to help healthcare...
Amazon has completed its $3.9 billion acquisition of the primary care provider One Medical as the retail behemoth continues its...
In 2022, the bipartisan, bicameral American Data Privacy and Protection Act (ADPPA) was proposed to introduce a new federal data...
The Health Sector Cybersecurity Coordination Center (HC3) at the Department of Health and Human Services has issued a DDoS guide...
Two Democratic U.S. Senators – Michael Bennet (D-CO) and Mazie Hirono (D-HI) – have introduced a bill that seeks to...
A bipartisan group of senators has written to three telehealth companies demanding answers about the use of third-party tracking technologies...
Blackberry has recently published its Global Threat Intelligence Report, which provides actionable and contextualized intelligence that can be used to...
For the first time since 2015, there was a year-over-year decline in the number of data breaches reported to the...
Healthcare ransomware attacks have at least doubled in the past 5 years, data recovery from backups has decreased, and it...
The Secretary of the Department of Health and Human Services (HHS) has proposed a new rule that will require the...
A group of 10 state Attorneys General recently wrote to Apple CEO, Tim Cook, urging the company to implement stronger...
California has taken further steps to improve protections for individuals seeking abortion care and birth control. A package of bills...
The Government Accountability Office (GAO) recently conducted a review of Medicare telehealth services provided during the COVID-19 pandemic, when a...
The ADPPA is now awaiting a House vote but there are doubts about whether the federal data privacy and protection...
The American Data Privacy and Protection Act (ADPPA) was introduced in June, was substantially revised within a matter of days,...
The Department of Health and Human Services’ Office for Civil Rights enforces the HIPAA Rules, which restrict uses and disclosures...
On Friday, the House Committee on Oversight and Reform announced that a probe has been initiated to determine how data...
President Biden has signed an executive order that aims to protect access to reproductive healthcare services following the SCOTUS ruling...
The American Data Privacy and Protection Act (ADPPA) aims to introduce federal privacy and data security protections for consumer data....
Senators Ron Wyden (D-OR), Elizabeth Warren (D-MA), and Cory Booker (D-NJ) have written to two leading mental health app providers...
Earlier this month, a draft bipartisan bill was introduced that seeks federal data privacy and protection regulations, which would replace...
Connecticut has joined California, Colorado, Utah, and Virginia in passing a comprehensive new data privacy law that establishes responsibilities for...
The American College of Physicians (ACP), American Telemedicine Association (ATA), and the Organization for the Review of Care and Health...
Healthcare data breaches are occurring in record numbers, but not all privacy and security threats come from outside the organization....
The Department of Health and Human Services’ Office of the National Coordinator for Health IT has released the final version...
A new European data privacy and security law – The General Data Protection Regulation (GDPR) – has been introduced, and...
What Countries are affected by the GDPR is a common GDPR question. The General Data Protection Regulation (GDPR) is a...
Developers of health apps and wearable devices such as fitness trackers that collect health data have been warned by the...
The National Institute of Standards and Technology (NIST) has released a draft Cybersecurity Framework Profile for Ransomware Risk Management to...
Under GDPR, companies have obligations regarding the personal data of data subjects, but there is also a separate category of...
The term ‘European Union citizen’ is often used when explaining General Data Protection Regulation (GDPR) requirements, but what happens when...
Philly Fighting COVID, a company tasked with distributing COVID-19 vaccinations to the city of Philadelphia, has had its contract with...
The American Medical Association has warned hospitals, health systems, and medical practices about the increase in cyber risks targeting the...
A team of researchers at Harvard University has investigated COVID-19 home monitoring technologies, which have been developed to decrease interpersonal...
On June 16, 2020, The National Association of Attorneys General (NAAG) wrote to Google and Apple to express concern about...
The U.S. Federal Trade Commission (FTC) is seeking comment on its breach notification requirements for non-HIPAA-covered entities that collect personally...
A federal law giving U.S. citizens new rights over their personal data has been introduced by U.S. Sen. Maria Cantwell...
The second Senate HELP Committee hearing on the proposed roles for implementing the electronic medical records provisions of the 21st...
Wyoming is considering repealing the Hospital Records Act of 1991, an act that was introduced to ensure the privacy of...
A new bill has been introduced in Massachusetts that seeks to improve protections for consumers affected by data breaches. The...
Healthcare compliance officers are prioritizing compliance with HIPAA Privacy and Security Rules, even though the majority of Department of Justice...
In response to recent data breaches, the chairmen of the U.S. Senate Committee on Finance, the House Committee on Ways...
On Monday, the Trump Administration released its 2019 fiscal budget which includes major cuts to funding for the Department of...
The Centers for Medicare & Medicaid Services (CMS) has recently issued a reminder that eligible hospitals and Critical Access Hospitals...
Noncompliance with HIPAA can carry a significant cost for healthcare organizations, yet even though the penalties for HIPAA violations can...
The Senate is to vote on a national data breach notification bill – the Data Security and Breach Notification Act...
The U.S. Food and Drug Administration (FDA) has released final guidance for medical device manufacturers sharing information with patients at...
It has been a short stint as Secretary of the U.S. Department of Health and Human Services for Tom Price,...
Delaware data breach notification law is likely to be expanded to include medical information in the definition of personal information....
The challenges of developing and maintaining a custom EHR system have proved too great for the Department of Veterans Affairs....
A new data breach notification bill has been unanimously passed by the New Mexico House of Representatives bringing New Mexico one...
A lawsuit filed by plaintiffs whose ePHI was exposed as a result of a cyberattack on Excellus BlueCross BlueShield has...
The Department of Health and Human Services has published its Final Rule for the Common Rule (45 CFR part 46)....
In February 2016, the Department of Health and Human Services published a proposed change to the Confidentiality of Alcohol and...
The Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (ONC) has published its Final...
On Tuesday this week at the Splunk GovSummit in Washington D.C., The National Institute of Standards and Technology (NIST) unveiled...
The Department of Health and Human Services’ Office of the National Coordinator for Health IT (ONC) has issued guidance for...
For the past two years, Karen DeSalvo has served as the National Coordinator for Health Information Technology of the Office...
The Department of Health and Human Services’ Office for Civil Rights has published a new report on its National HIV/AIDS...
A cybersecurity volunteer association has written an open letter to healthcare industry stakeholders calling for the adoption of a Hippocratic...
The ringleader of a healthcare fraud and identity theft ring that fraudulently obtained $24 million has been sentenced to serve...
Yesterday, the National Association of Attorneys General (NAAG) sent a letter addressed to congressional leaders urging them to consider the...
Disgruntled patients will be lost to other healthcare providers/insurers after a data breach; however there will not necessarily be a...
In order for an individual to commit tax fraud – file false tax returns in the name of another individual...
In order to protect the privacy of Americans, Protected Health Information and other highly sensitive data must have a finite...
On March 8, 2014, three players from the University of Oregon Ducks basketball team are alleged to have repeatedly gang...
The state of Ohio is relatively quiet when it comes to HIPAA violations, but the past few days have seen...
St. Clair County Associate Judge, Heinz Rudolf, has approved a HIPAA Protective Order to allow the defendants in a wrongful...
The 21st Century Cures bill has been unanimously passed by the House Energy and Commerce Committee today with a...
According to a recent report on CNN, cybersecurity firm Tiversa has been staging break-ins, stealing PHI, and extorting its clients...
Under current HIPAA legislation, Covered Entities (CEs) and their Business Associates (BAs) are not permitted to disclose the Protected Health...
The Cybersecurity Unit of the U.S. Department of Justice (DOJ) has produced a new set of guidelines to help organizations...
The Equal Employment Opportunity Commission (the EEOC) has proposed some long awaited rules for wellness programs, which in many cases...
The Meaningful Use program has helped encourage healthcare providers to make the move from paper files to electronic health records....
Access to healthcare can be considered a basic human right, although many counties have different views on the services that...
A recent survey conducted by eFax aimed to discover some of the main issues faced by HIPAA-covered entities when it...