
Why Accounting Firms Need HIPAA Compliance Plans

It has been over two decades since the passage of the Health Insurance Portability and Accountability Act of 1996 (HIPAA or Act), but only in the past six years have enforcement actions demonstrated the fervor with which the government intends to compel compliance. With trends leaning toward a continued increase in enforcement activities, entities governed by HIPAA must be aware of their duties under the Act. Prior to 2009, HIPAA...

Don’t Forget Annual HIPAA Breach Reporting

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires every Covered Entity that knows or should know of a breach of Protected Health Information (PHI) to notify the individuals affected by the breach as well as report the incident to the Federal government. While a breach affecting fewer than 500 individuals does not require immediate reporting to the Secretary of the U.S. Department of Health and Human Services,...

OCR Announces First HIPAA Settlement for Untimely Breach Reporting

On January 9, 2017, the Office for Civil Rights (OCR) announced the first Health Insurance Portability and Accountability Act (HIPAA) settlement for violations related to untimely breach reporting. The Covered Entity, a large health care network that includes over 100 locations and eleven hospitals, became aware of a potential breach in October 2013. The entity discovered that a number of its paper-based operating room schedules were missing, and included the...

FDA Recommends Software Patch for Implantable Cardiac Device Due to Cyber Vulnerability

The Food and Drug Administration (FDA) has announced a cyber vulnerability within the St. Jude Medical radio frequency implantable cardiac device and Merlin@home Transmitter. After reviewing potential hacking threats, the FDA surmised that an unauthorized person could remotely access a patient's implanted device by altering the Merlin@home Transmitter, thereby gaining access to modify programming commands, including the administration of inappropriate pacing or shocks. While the FDA determined that the benefit...

The Necessity of HIPAA Compliance

In 2016, the Office for Civil Rights (OCR) entered into more resolution agreements, and issued costlier fines, for violations of the Health Insurance Portability and Accountability Act (HIPAA) than ever before. Compared to 2015, the total fines this year were almost triple, netting more than $23 million in civil money penalties, including the largest fine to date on any single entity, of $5.5 million. In the same vein, earlier this...