breach notification Archives - Veterans Press, Inc.

Is a Ransomware Attack Reportable to HHS? HIPAA & HITECH Act Blog by Jonathan P. Tomes

Perhaps I should rename this blog the HIPAA Ransomware Blog because that seems to be the main topic of recent blogs. Not only are such .. read more

On December 14th, 2020, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach notification, HIPAA policies, ransomware attack reportable to HHS, risk analysis

Jon Tomes Will Be Presenting an All-Day, Live, and In-Person HIPAA Seminar in San Francisco in 3 Weeks: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Alice M. McCart, J.D.

If you will be in San Francisco about 3 weeks from now and need HIPAA compliance training, go to https://www.compliancekey.us/seminar-details?industryId=3&seminarid=36&speakerid=124 to sign up. The HIPAA .. read more

On January 31st, 2020, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, business associate, compliance, criminal HIPAA violation, data breach, HHS, HIPAA civil money penalties, HIPAA seminar, HIPAA violation, HITECH Act, Jonathan P. Tomes, OCR, Privacy Rule, risk analysis, Security Rule

We Appreciate Your HIPAA Info Corrections and Concerns: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Alice M. McCart, J.D.

Jon Tomes and I really appreciate your calling to our attention any problems with our HIPAA compliance tools and this blog. We like to fix .. read more

On July 23rd, 2019, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach notification, compliance, HHS, HIPAA, HIPAA info corrections, HITECH, identity theft, Jonathan P. Tomes

HHS Civil Money Penalties (“CMPs”) Aren’t the Only Ones! And Do You Need Insurance? HIPAA & HITECH Act Blog by Jonathan P. Tomes

UCLA Health recently settled a class action lawsuit against it for $7.5 million. The plaintiffs were victims of a hack attack on UCLA’s network that .. read more

On April 15th, 2019, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, civil money penalties, CMP, compliance, data breach, encryption, HHS, HIPAA civil money penalties, HIPAA training, HIPAA violation, HITECH, Jonathan P. Tomes, PHI

Lack of Business Associate Agreement Costs $500,000! HIPAA & HITECH Act Blog by Jonathan P. Tomes

Advanced Care Hospitalists PL (“ACH”) recently settled a Department of Health and Human Services (“DHHS”) Office for Civil Rights (“OCR”) enforcement action for $500,000 for .. read more

On March 31st, 2019, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, business associate, business associate agreement, data breach, EHR, HHS, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA violation, HITECH, HITECH Act, Jonathan P. Tomes, lack of business associate agreement, OCR investigation, Office for Civil Rights, PHI, Privacy Rule, risk analysis, Security Rule

How Does a $16 Million HIPAA Violation Settlement Grab You? HIPAA & HITECH Act Blog by Jonathan P. Tomes

The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) has announced the biggest HIPAA violation settlement yet—that is, $16 million, smashing .. read more

On October 28th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, compliance, data breach, HHS, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HIPAA violation, HIPAA violation settlement, HITECH, HITECH Act, identity theft, Jonathan P. Tomes, OCR, risk analysis, Security Rule

Another State Fine for a HIPAA Security Breach: HIPAA & HITECH Act Blog by Jonathan P. Tomes

As we’ve previously noted in this blog, the Office for Civil Rights (“OCR”) of the Department of Health and Human Services (“DHHS”), the Federal Trade .. read more

On September 12th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach notification, compliance, criminal conviction, criminal HIPAA violation, data breach, EHR, EPHI, HHS, HHS audit, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HITECH, HITECH Act, Jonathan P. Tomes, OCR, PHI, risk analysis, Security Rule, state fine for HIPAA security breach

Securing EHRs on Mobile Devices—New NIST Guidance: HIPAA & HITECH Act Blog by Jonathan P. Tomes

The single biggest category of DHHS civil money penalties involves loss or theft of EHRs on mobile devices. The only guidance in the Security Rule .. read more

On August 19th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, breach, breach notification, compliance, criminal conviction, criminal HIPAA violation, EHR, EHRs on Mobile Devices, emr, encryption, EPHI, HIPAA, HIPAA civil money penalties, HIPAA compliance, HIPAA policies, HIPAA training, HITECH, HITECH Act, Jonathan P. Tomes, NIST, PHI, risk analysis, Security Rule

Must You Audit Your Business Associates for HIPAA Compliance? HIPAA & HITECH Act Blog by Jonathan P. Tomes

Now that the HITECH Act and the Omnibus Rule have made covered entities potentially liable for breaches by their business associate, see Compliance Hit: Expanded .. read more

On August 12th, 2018, posted in: HIPAA Compliance Blog by Alice Tags: Alice M. McCart, audit, audit your business associates, breach, breach notification, business associate, cloud, compliance, data breach, EHR, emr, HHS, HHS audit, HIPAA, HIPAA compliance, HIPAA policies, HIPAA training, HIPAA violation, HITECH, HITECH Act, Jonathan P. Tomes, Omnibus Rule, PHI, Privacy Rule, risk analysis, Security Rule

Biggest HIPAA Civil Money Penalty Yet—How Does $5.5 Million Sound? HIPAA & HITECH Act Blog by Jonathan P. Tomes

Memorial Healthcare System (“MHS”) settled with the U.S. Department of Health and Human Services (“DHHS”) for $5.5 million for potential violations of the Health Insurance .. read more