HIPAA

Doctors have a hard enough time treating patients and dealing with basic business operations on a day-to-day basis. It’s a difficult task to ask them to be aware of and in compliance with every section of health care regulatory laws and other standards in addition to their daily provision of care to patients. Simply stated, doctors and other health care professionals and providers face an enormous challenge trying to be aware of, understand, and comply with applicable state and federal health care regulatory laws. Consequently, health care professionals and providers are often completely in the dark on what it takes to spot compliance issues and prevent them from happening before they become serious issues. This level of awareness (or lack of it) can be summed up in one simple statement. You don’t know what you don’t know. And not having this knowledge can lead to devastating consequences.

ON Demand Courses for TLD Systems Clients

The Microsoft Threat Intelligence Briefing: Healthcare has reported that the healthcare/public health sector was one of the top 10 most impacted industries in the second quarter of 2024 and that there has been a 300% surge in ransomware attacks. There is now an entire industry of RaaS – Ransomware as a service. The same way a doctor can subscribe to have access to an EHR. Bad actors can subscribe to services that will create ransomware for them. Bad actors are also utilizing AI to create ransomware and better target ransomware attacks.

We have searched the web for HIPAA release forms that have been approved by each state. The links here bring you back to your state web site with access to state created HIPAA release forms.

Particle Health filed a federal antitrust lawsuit claiming that EPIC is blocking access to patient records.  The lawsuit states that Epic is using its power to eradicate competition in the Healthcare Marketplace.

Ransomware attacks targeting industrial organizations has reached new heights and no organization is immune.

EngageMED, a healthcare support system, filed notice of data breach. They recognized that an authorized part was able to access the company's IT network. This resulted in unauthorized access to names, addresses, dates of birth, Social Security numbers, medical information, health insurance information, and claim information.

The Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying people whose protected health information or other personally identifiable information (PII) may have been compromised in connection with Medicare administrative services provided by WPS. WPS is a CMS contractor that handles Medicare Part A/B claims and related services for CMS.

A breach at Health Equity occurred because a user account of one of HealthEquity’s vendors was compromised and their password stolen, which was used by the malicious hacker to access the data repository.