Fresenius Medical Care North America (FMCNA) has agreed to pay $3.5 million to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR), and to adopt a comprehensive corrective action plan, in order to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. FMCNA … Continue reading FMCNA to Pay $3.5 Million for Non-Compliance with HIPAA’s Risk Analysis and Risk Management Rules
See recommendations below On January 19, 2018, cybercriminals were successful in a ransomware attack on Allscripts, an electronic healthcare record (EHR) provider for healthcare providers across the United States. The attack encrypted some of Allscripts systems and prevented those healthcare providers who use those systems for their EHRs from being able to access their patient records. Not … Continue reading Allscripts EHR Ransomware Attack is Huge–How Will it Impact Healthcare Practices?
The United States Department of Health and Human Services' Office for Civil Rights has just issued a checklist and infographic to aid healthcare organizations and their vendors in quickly responding to cyberattacks in compliance with HIPAA requirements.
Does the HIPAA Breach Notification Rule apply to all Covered Entities and Business Associates, Even Smaller Ones? To many of you reading this post this question seems ridiculous. You know the answer. However, I get asked this question so frequently that I decided to answer it with a blog post to save time next time … Continue reading Are Smaller Healthcare Practices Required to Report a Ransomware or Potential Data Breach?
Healthcare data is one of the most desirable forms of data for cyber criminals to steal because its value on the cyber black market -- the Dark Web -- is much higher than most other forms of data. While there are several reasons for this, the recent study Your Life, Repackaged and Resold: The Deep … Continue reading Why is Healthcare Data So Valuable to Cyber Criminals?