
HIPAA


Maintain a Culture of Compliance: November

by Tahlia Brody, CHP, VP of Customer Service TLD Systems

In order to be HIPAA compliant, you must maintain a "Culture of Compliance" at your office. This can include keeping your software up to date, holding regular required training, and addressing risks posed to your office. This month we address HIPAA training, encrypting your drives, and Business Associate Agreements.
HIPAA

Even Governments can be fined for HIPAA Violations

by Dr. Michael Brody, DPM, CEO TLD Systems

New Haven, Connecticut failed to terminate an employee’s access to their Health Records System after the employee left. The former employee may have accessed a file containing the Protected Health Information of only 498 Patients.
HIPAA

Aetna Settles three HIPAA Breaches for $1,000,000

by Michael Brody

Aetna has agreed to pay $1,000,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA).
HIPAA

Understanding the HIPAA Right of Access Rule

by Dr. Michael Brody, DPM, CEO TLD Systems

When we discuss HIPAA, most of the articles have been on security and breaches, but HIPAA goes well beyond privacy and security. One aspect of the HIPAA rule is the “Right of Access”. OCR (the Office for Civil Rights – the branch of HHS that enforces HIPAA) is enforcing this law even more strongly since the 21st Century Cures Act was published. OCR has begun to levy fines against organizations that are in violation of the “Right of Access” rule.
HIPAA

Paying Ransomware may be a Violation of Federal Law

by Dr. Michael Brody, DPM, CEO TLD Systems

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has released an Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments. Financial institutions, cyber insurance firms, and companies that facilitate payments on behalf of victims may be violating OFAC regulations.
HIPAA

Huge Ransomware Attack Takes Down Hospital System

by Dr. Michael Brody, DPM, CEO TLD Systems

Universal Health Systems was hit with a ransomware attack this week. Their servers began to fail over the weekend, and hospitals across the country completely lost access to their EHR systems. As a result of this attack, many facilities were forced to go to pen and paper for medical record keeping. In many locations the nursing staff did not have access to medication lists and had no way of knowing which medications patients needed, how much to dose, or even who needed medications.
HIPAA

Maintain a Culture of Compliance: September

by Tahlia Brody, CHP, VP of Customer Service TLD Systems

In order to be HIPAA compliant, you must maintain a "Culture of Compliance" at your office. This can include keeping your software up to date, holding regular required training, and addressing risks posed to your office. This month we address HIPAA training, encrypting your drives, and Business Associate Agreements.
HIPAA

Clinic Pays $1.5 Million for Data Breach

by Dr. Michael Brody, DPM, CEO TLD Systems

Very often, the companies that provide us with computer hardware and software support can access our computer systems. The question is: how secure are our trusted partners? In this case, an orthopedic clinic did not properly manage access to its network, and it cost them $1.5 million.
HIPAA

Time to Get Your Drives Encrypted

by Tahlia Brody, CHP, VP of Customer Service TLD Systems

Have you encrypted your laptops? No? You should probably start thinking about getting those devices encrypted.
HIPAA

Information Blocking and the 21st Century Cures Act

by Dr. Michael Brody, DPM, CEO TLD Systems

Under the new law known as the 21st Century Cures Act, information blocking is now ILLEGAL. That means if you get a request from another provider for patient information, you are required to provide that information. The Office of Inspector General at OIG can investigate all claims of information blocking by providers and can levy fines and/or enforce Corrective Action Plans (CAP).