Articles Tagged With: PHI
-
OCR’s Report to Congress Shows Increase in Complaints
The Office for Civil Rights’ annual report to Congress showed “significant increases” in HIPAA complaints — 34,077 new complaints in 2021, a 25% increase from 2020. Complaints increased 39% from 2017 to 2021.
-
Breaches Sometimes Kept Secret, but Decision Is Highly Dangerous
Cybersecurity professionals often are told to keep breaches confidential, according to a recent survey that suggests healthcare organizations may be risking serious consequences for not reporting the improper loss of protected health information controlled by HIPAA.
-
Reality TV Shows Still Pose Great Risks to Hospitals
Even after hospitals were fined millions of dollars for participating in reality TV shows, some healthcare facilities are allowing cameras in again. The experience comes with great risk. The Office for Civil Rights has penalized hospitals for HIPAA violations related to reality TV.
-
Killnet Group Targets U.S. Hospitals with Cyberattacks
Hospitals and health systems should review their defenses against the cyber breach known as Distributed Denial of Service in response to threats from the pro-Russia hacktivist group known as Killnet. More than a dozen hospitals have been hit by Killnet attacks, taking down forward-facing webpages and breaching protected health information.
-
Tracking Software Can Lead to HIPAA Violations
The HHS Office for Civil Rights has released a bulletin warning the use of website tracking technologies could result in HIPAA violations. Covered entities need to review their use of these tracking technologies and make necessary improvements.
-
Proper Disposal of PHI Required, Often Overlooked
The Office for Civil Rights announced a settlement with a Massachusetts dermatology clinic regarding the improper disposal of PHI, which serves as a reminder HIPAA compliance is not only about protecting data from hackers. Covered entities also are responsible for disposing of PHI appropriately.
-
Online Collaboration Platforms Create HIPAA Exposures
Business communications are rapidly and dramatically moving from email to various collaboration platforms like Slack, Workplace by Meta, and Microsoft Teams. PHI can easily end up stored as part of collaboration data — a relatively new data set that is uniquely different from other electronic channels because of its fragmented and nuanced nature.
-
Video Recording Raises Risk, Requires Policy Consideration
Video recording has been problematic in healthcare for decades, ever since the home video camera became common. With the proliferation of smartphones and remote video monitoring, hospitals and health systems are facing a new wave of questions and potential risks from video recording in patient care settings.
-
Hospital EDs May See Legal Issues After Abortion Ruling
The Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, sending the issue of abortion rights back to the states, could lead to difficult legal situations for some EDs. Risk managers should consider their state laws and plan for potential issues. One of the first issues to consider is how laws restricting abortion intersect with EMTALA.
-
Tracking Tool on Hospital Websites Can Lead to HIPAA Breaches
Many hospital websites include a tracking tool that collects protected health information and sends it to Facebook, posing the risk of major HIPAA breaches. In some cases, the hospital leadership has no idea such a tracking tool is on their website. The tracker automatically sends Facebook a packet of data when a consumer schedules a doctor’s appointment on the website.