ONC Report to Congress Identifies Gaps in Oversight of Privacy and Security of MHealth Technologies and Health Social Media

By | Covington eHealth | July 28, 2016

Earlier this month the U.S. Department of Health and Human Services (HHS), Office of the National Coordinator for Health Information Technology (ONC), released a report to Congress highlighting “large gaps” in policies and oversight surrounding access to and security and privacy of health information held by certain “mHealth technologies” and “health social media.”

Tweet Like LinkedIn LinkedIn Google Plus

Unencrypted PHI (Protected Health Information) On iPhone Leads to $650,000 HIPAA Penalty!

Unencrypted PHI (Protected Health Information) On iPhone Leads to $650,000 HIPAA Penalty!

The HIPAA violation in violation of a Business Associate Agreement (BAA)  resulted from extensive PHI on an iPhone which “included social security numbers, information regarding diagnosis and treatment, medical procedures, names of family members and legal guardians, and medication information” according to a recent report from the Office for Civil Rights (OCR) of U.S. Department of Health and Human Services

Tweet Like LinkedIn LinkedIn Google Plus

Boosts in Ransomware Attacks Spark Multiple Government Agency Responses

Boosts in Ransomware Attacks Spark Multiple Government Agency Responses

Following a recent U.S. government interagency report indicating that, on average, there has been an alarming 300 percent spike in daily ransomware attacks since early 2016 as compared with 2015, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) released new Health Insurance Portability and Accountability Act (“HIPAA”) guidance on ransomware.

Tweet Like LinkedIn LinkedIn Google Plus

OCR Announces First HIPAA Enforcement Action Against a Business Associate

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced an agreement with Catholic Health Services of the Archdiocese of Philadelphia (CHCS), settling allegations that CHCS violated the Health Insurance Portability and Accountability Act (HIPAA) Security Rule by failing to protect electronic protected health information (ePHI).

Tweet Like LinkedIn LinkedIn Google Plus

HIPAA News Update: Ransomware Reporting Requirements Have Been Issued!

HIPAA News Update: Ransomware Reporting Requirements Have Been Issued!

“The FBI has reported an increase in ransomware attacks and media have reported a number of ransomware attacks on hospitals” and as a result the Office for Civil Rights (OCR) for the US Department of Health & Human Services (HHS) issued a Fact Sheet and report on July 11, 2016 entitled “Your Money or Your PHI: New Guidance on Ransomware.” 

Tweet Like LinkedIn LinkedIn Google Plus