New Ransomware Policy Posted for Premium Members: HIPAA & HITECH Act Blog by Jonathan P. Tomes
Ransomware continues to be one of the most serious threats to health information and may be the most serious threat, so you may need a .. read more
Dental Practice Yelps to the Tune of $10,000 HHS OCR HIPAA Fine: HIPAA & HITECH Act Blog by Jonathan P. Tomes
A patient of Elite Dental Services of Dallas, Texas left a review of the practice on Yelp, a business directory service out of San Francisco. .. read more
Deny Me My Records? Pay $85,000 under the HIPAA Right of Access! HIPAA & HITECH Act Blog by Jonathan P. Tomes
I have previously written about one of the easiest ways to get a civil money penalty (or a state sanction (see California)—that is, failing to .. read more
HHS OCR Issues New Guidance for Malicious Workforce Threats: HIPAA & HITECH Act Blog by Jonathan P. Tomes
The 2018 Protected Health Information Data Breach Report found that 58 percent of security incidents resulted from insiders rather than outsiders, such as hackers. Discussing .. read more
Change to 42 C.F.R. Part 2? HIPAA & HITECH Act Blog by Jonathan P. Tomes
As substance abuse treatment providers know, 42 C.F.R. Part 2 “trumps”―that is, preempts―the HIPAA Privacy Rule because it gives more protection for substance abuse treatment .. read more
We Appreciate Your HIPAA Info Corrections and Concerns: HIPAA & HITECH Act Blog by Jonathan P. Tomes with Guest Commentator Alice M. McCart, J.D.
Jon Tomes and I really appreciate your calling to our attention any problems with our HIPAA compliance tools and this blog. We like to fix .. read more
Who’s the Biggest Ransomware Attack Target? YOU!: HIPAA & HITECH Act Blog by Jonathan P. Tomes
A recent, May 1, 2019, study by the endpoint security firm Cylance determined that the health care industry was the biggest target for malware attacks .. read more
DHHS Clarifies When OCR Can Sanction BAs with a CMP: HIPAA & HITECH Act Blog by Jonathan P. Tomes
To clear up confusion about business associate liability for HIPAA violations, on May 24, 2019, the Department of Health and Human Services (“DHHS”) Office for .. read more
Building Security—More Than Just Locks on the Doors: HIPAA & HITECH Act Blog by Jonathan P. Tomes
In this digital world, forgetting about something as low-tech as physical security of the building in which a covered entity or a business associate is .. read more
Health Care Data Security Generally Sucks: HIPAA & HITECH Act Blog by Jonathan P. Tomes
A recent study by Forescout Technologies, Inc., an internet of things (“IoT”) company in San Jose, California, concluded that the health care industry’s data security .. read more