Breach

When a breach occurs, offices are required to notify the patients whose information may have been compromised in the breach. This is known as the Breach Notification Rule.

Under the HITECH Act, passed in 2009, the secretary is required to post all breaches affecting 500 or more patients to the internet. This applies to all medical providers and Business Associates. This web site is commonly referred to as the HIPAA Wall of Shame. You can find it at https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf

Many cybersecurity events and breaches are the result of us failing to keep our computers and computer programs up to date. The process of keeping our systems up to date is known as PATCHING.

A HIPAA breach has lasting impacts. A breach will trigger an investigation and may result in civil penalties. A breach can erode the patient trust in the provider and the medical community. A breach also opens your office up for litigation.

Cybersecurity threats in 2021 were the largest ever. Experts anticipate that the digital environment in 2022 will be even more dangerous. The American Dental Association was hit by a cyberattack that stole personal information and disrupted services.

Patients have filed a lawsuit against SuperCare over a HIPAA Breach. SuperCare failed to maintain adequate security to protect patient records.

The most recent breach was reported by QRS Healthcare Solutions who has the EHR product Paradigm. What does this mean and what can you learn to protect your practice?

Just a few days ago Cybernews reported the largest compilation of emails and passwords were leaked on a public forum.

Amidst all of the other events in Washington DC in January, a law was passed that amended the HIPAA Regulations. . The amendment requires the department of Health and Human Services to take certain items into account during a HIPAA investigation. The text of the bill reads as follows:

It is important to realize that many of the devices in your office may contain patient information, even after you are no longer using the devices. Information can be stored in hard drives and memory that is on circuit boards and if the information finds it way into the wrong hands you have a HIPAA Violation.