Call Us Today! 515-865-4591|Bob@hipaatraining.net

NuLLFiX

About NuLLFiX

This author has not yet filled in any details.
So far NuLLFiX has created 5 blog entries.

The Department of Health and Human Services’ Office for Civil Rights has fined a nursing facility in New Jersey for not promptly granting access to patient records

Essex Residential Care, LLC, must pay $100,000 as a result of failing to adhere to HIPAA's Right of Access. The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), has declared a civil monetary penalty of $100,000 against Essex Residential Care, LLC, operating as Hackensack Meridian Health, West Caldwell Care Center (“Hackensack Meridian Health”), a skilled nursing facility offering long-term care and rehabilitation services. The penalty stems from an investigation by OCR into Hackensack Meridian Health's violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule, specifically for failing to promptly provide a [...]

The Department of Health and Human Services’ Office for Civil Rights has fined a nursing facility in New Jersey for not promptly granting access to patient records

HHS’ Office for Civil Rights Settles HIPAA Investigation with Phoenix Healthcare

Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a resolution with Phoenix Healthcare, a nursing care organization in Oklahoma with multiple facilities, regarding a potential violation under the Health Insurance Portability and Accountability Act (HIPAA) Right of Access provision. This settlement marks the 47th enforcement action in the OCR Right of Access Initiative. It mandates that individuals or their personal representatives must have timely access to their health information. According to HIPAA regulations, covered entities must grant access to protected health information within 30 days of receiving a request from an individual. OCR's [...]

HHS’ Office for Civil Rights Settles HIPAA Investigation with Phoenix Healthcare

Optum Medical Care Resolves Several HIPAA Complaints with OCR Regarding Patient Record Access

This agreement signifies the 46th enforcement action in the OCR Right of Access Initiative. On December 15, The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), recently settled with Optum Medical Care of New Jersey (formerly Riverside Medical Group and Riverside Pediatric Group). This medical group, serving patients in New Jersey and Southern Connecticut, faced multiple complaints alleging potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule's Right of Access provision. According to the settlement, Optum failed to provide individuals or their representatives timely access to their health information as required by [...]

Optum Medical Care Resolves Several HIPAA Complaints with OCR Regarding Patient Record Access

HIPAA Fine of $480,000 imposed by HHS’ Office for Civil Rights on Louisiana Medical Group Following Discovery of Extensive Phishing Cyber Attack Impacting Almost 35,000 Patients

Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), disclosed a resolution with Lafourche Medical Group, a Louisiana-based medical entity specializing in emergency medicine, occupational medicine, and laboratory testing. The agreement concludes an inquiry prompted by a phishing attack that impacted the electronic protected health information of around 34,862 individuals. Phishing, a form of cybersecurity attack, involves deceiving individuals into revealing sensitive information through electronic means, like email, by posing as a trustworthy entity. This settlement represents the first instance in which OCR has addressed a phishing attack under the Health Insurance Portability and Accountability Act [...]

HIPAA Fine of $480,000 imposed by HHS’ Office for Civil Rights on Louisiana Medical Group Following Discovery of Extensive Phishing Cyber Attack Impacting Almost 35,000 Patients

How Sanction Policies Can Support HIPAA Compliance

Last year, the Health Sector Cybersecurity Coordination Center (HC3) under the Department of Health and Human Services (HHS) issued a threat brief outlining various social engineering tactics employed by hackers to infiltrate healthcare information systems. The brief recommended multiple protective measures to counter social engineering, one of which emphasized holding every department accountable for security. An organization's sanction policies foster accountability and enhance cybersecurity and data protection. Sanction policies serve as valuable tools in addressing the deliberate actions of malicious insiders, such as data theft by identity theft rings, and addressing instances where workforce members fail to adhere to policies and [...]

How Sanction Policies Can Support HIPAA Compliance

Title

Go to Top