HHS OCR Issues New Guidance for Malicious Workforce Threats: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The 2018 Protected Health Information Data Breach Report found that 58 percent of security incidents resulted from insiders rather than outsiders, such as hackers. Discussing .. read more
We Appreciate Your HIPAA Info Corrections and Concerns: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Alice M. McCart, J.D.
Jon Tomes and I really appreciate your calling to our attention any problems with our HIPAA compliance tools and this blog. We like to fix .. read more
A Masochist’s Guide to Getting a Huge, Painful HIPAA Penalty: HIPAA & HITECH Act Blog by Jonathan P. Tomes
A cynic might wonder whether some covered entities, and now business associates, want to become famous (perhaps infamous would be a better word) and break .. read more
Business Associates Face the Same HIPAA Penalties as Covered Entities: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Attorney General of New Jersey recently announced a $200,000 settlement for a HIPAA violation with a business associate, one of the classic examples of .. read more
DHHS OIG Finds Deficiencies in FDA Policies and Procedures to Address Cybersecurity Risk in Postmarket Medical Devices: HIPAA & HITECH Act Blog by Jonathan P. Tomes
As a follow-on to the previous three blog posts addressing the mIoT—that is, the medical Internet of Things―an Office of the Inspector General (“OIG”) audit .. read more
How Does a $16 Million HIPAA Violation Settlement Grab You? HIPAA & HITECH Act Blog by Jonathan P. Tomes
The Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) has announced the biggest HIPAA violation settlement yet—that is, $16 million, smashing .. read more
New California Breach Notification Law: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Governor Jerry Brown recently signed into law a California bill regarding breach notification, A.B. 2828, amending California Civil Code §§ 1798.29(a) and 1798.82(a) so that, .. read more
California Determines What Is Reasonable and Appropriate for Securing Health Information: HIPAA & HITECH Act Blog by Jonathan P. Tomes
HIPAA requires covered entities and business associates to implement reasonable and appropriate security measures in § 164.308(a)(1)(ii)(B), the risk management Administrative safeguards, but although it does .. read more
Hackers Gain Access to 4.5 Million Patients’ Data at Community Health Systems: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Attorney/Consultant Alice M. McCart
According to several national news sources, such as Fox4 News Kansas City, CNNMoney, Reuters, the Wall Street Journal, USA Today, and the Chicago Tribune, Community .. read more
HIPAA Breach in Washington, DC.
If I don’t have a topic for a blog entry, all I apparently have to do is to wait a few days, and someone will .. read more
