Key findings From the California Data Breach Report

In 2002, California became the first state in the country to enact a data breach reporting law to help protect consumers from the effects of having their personal data breached. In September 2014, California’s breach notification deadlines for medical information breaches were extended from 5 business days to 15 business days for clinics, health facilities, […]

Communication: The glue for a functional Accountable Care Organization (ACO)

Imagine your grandmother is hospitalized after suffering a heart attack. To everybody’s relief, she receives state-of-the-art medical care in a top-notch hospital a mere 10 miles from home. On discharge day, she is sent home with a long list of instructions, new medications, and a recommendation she follow up with her primary care doctor within […]

Verizon 2015 Protected Health Information Data Breach report highlights

The 2015 Protected Health Information Data Breach Report by Verizon brings to light issues associated with the safeguarding of protected health information (PHI), the main causes of disclosure, and advice for organizations that handle such data. While the data analysed in this report has a strong US bias (83%), the report should serve as a […]

Advice for staying HIPAA compliant when using social media

Social media is an increasingly common presence in healthcare, among providers and consumers alike. For healthcare providers, social media can be an extremely effective marketing tool, acting as a direct line of communication between current and prospective patients. Social media sites, forums and blogs also act as a valuable platform for healthcare professionals to share […]

New cybersecurity regulations for financial institutions needed, says NYDFS

Barely a week goes by nowadays without a new high profile data breach hitting the headlines. While efforts have undoubtedly been stepped up with regard to cyber security – by both covered entities and industry regulators – evidently there is still much work to be done. Last week, New York’s leading banking regulator – the […]

Second round of HIPAA audits to begin in early 2016

The first round of HIPAA audits conducted by OCR in 2012 seem like a distant memory. With the threat of audits looming since fall 2014, organizations have had longer than expected to prepare for the phase 2 audits, in part due to the delays caused by slow web portal development and OCR resources being stretched by […]

Data security the biggest concern for BYOD

A recent study has shown that BYOD (bring your own device) is decreasing amid concerns around data security. Of the organizations surveyed, 73% allowed BYOD, down from 88% in 2014. This is in contrast to the Gartner research conducted at the end of 2014, which projected that 90% of organizations would support some aspect of […]

OCR’s new HIPAA portal raising more questions than answers

Earlier this month HHS’ Office for Civil Rights (OCR) launched an online portal intended to help mobile health app developers better understand the HIPAA privacy and security rules. The OCR explains, “many mHealth developers are not familiar with the HIPAA Rules and how the rules would apply to their products. Use this site to help OCR understand what […]

Fitbit wearable tech becomes HIPAA compliant

Concerns around wearable tech meeting HIPAA compliance have been much discussed following the launch of Apple Watch, and Apple fitness and medical research frameworks HealthKit and ResearchKit. Fitbit is obviously a company that took note of these concerns after they announced that their wearable tech is now HIPAA compliant. This will allow Fitbit to expand […]