omnibus Archives - Page 2 of 2 - LuxSci

Posts Tagged ‘omnibus’

Willful Negligence of HIPAA Costs a Dermatology Company $150,000

Thursday, January 9th, 2014

HITECH and Omnibus put teeth in HIPAA.  These teeth are starting to take serious bites out of organizations that are willfully neglectful of their responsibilities under HIPAA.

On December 28, 2013, Concord, Massachusetts-based Adult & Pediatric Dermatology (APDerm) agreed to pay $150,000 to settle potential violations of HIPAA rules and agreed to implement corrective actions.

This organization lost ePHI for about 2,200 individuals that was located on an unencrypted thumb drive. We have talked before about the dangers of thumb drives in the context of HIPAA. We have also noted other cases where companies were charged due to the loss of ePHI. The notable difference here is that the investigation showed that APDerm: (ref)

…had not conducted an accurate and thorough analysis of the potential risks and vulnerabilities to the confidentiality of ePHI as part of its security management process.  Further, APDerm did not fully comply with requirements of the Breach Notification Rule to have in place written policies and procedures and train workforce members.

This settlement is the first ever for charges against a covered entity or business associate for failing to adopt required policies and procedures for breach notification. APDerm was willfully negligent in not bothering to develop and follow the required HIPAA policies and procedures, and that negligence resulted in a breach.

What exactly does HIPAA say about Email Security?

Friday, August 30th, 2013

Performing daily business transactions through electronic technologies is accepted, reliable, and necessary across the nation’s healthcare sectors. Therefore, electronic communications and email have become a standard in the healthcare industry as a way to conduct business activities that commonly include:

  • Interacting with web-savvy patients;
  • Real-time authorizations for medical services;
  • Transcribing, accessing and storing health records;
  • Appointment scheduling;
  • Referring patients; and
  • Submitting claims to health plan payers for payment of the services provided.

How the HIPAA Omnibus Rule Affects Email, Web, FAX, and Skype

Monday, May 6th, 2013

We have written extensively in the past about the impact of HIPAA regulations on email services, web hosting, faxing, and Skype use.  The recent HIPAA changes reflected in the Omnibus rule have a significant impact on the use of these types of services.  Here, we examine the new and important considerations based upon the HIPAA Omnibus Rule.
