Blog

L.A. Care Health Plan Settles with HHS Office for Civil Rights Settles Over Potential HIPAA Security Rule Violations for $1.3 million

the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Rules with LA Care, the nation's largest publicly operated health plan that provides health care benefits and coverage through state, federal, and commercial programs. OCR enforces the HIPAA Privacy, Security, and Breach Notification Rules that set the requirements that HIPAA-regulated entities must follow to protect the privacy and security of protected health information (PHI). The settlement concludes two OCR investigations initiated from a large breach report and a media article regarding a separate security incident. Under [...]

L.A. Care Health Plan Settles with HHS Office for Civil Rights Settles Over Potential HIPAA Security Rule Violations for $1.3 millionNuLLFiX

Fraud Alert: Postcard Disguised as Official OCR Communication August 6, 2020

OCR has been made aware of postcards being sent to health care organizations disguised as official OCR communications, claiming to be notices of a mandatory HIPAA compliance risk assessment. The postcards have a Washington, D.C. return address, and the sender uses the title “Secretary of Compliance, HIPAA Compliance Division.” The postcard is addressed to the health care organization’s HIPAA compliance officer and prompts recipients to visit a URL, call, or email to take immediate action on a HIPAA Risk Assessment. The link directs individuals to a non-governmental website marketing consulting services. The postcard below is not from HHS/OCR. HIPAA-covered entities and [...]

Fraud Alert: Postcard Disguised as Official OCR Communication August 6, 2020NuLLFiX

CCHIT Announces Closure

This past week the Certification Commission for Health Information Technology (CCHIT) announced that it will be ending its service to the health IT community. The CCHIT organization spearheaded the creation of testing and certifications for health IT professionals. The organization decided to close down their operations due to the unforeseeable timing of new legislation and requirements in the future. For further explanation, read here. CCHIT announced that all of their staff are involved in the transition and work will be done on November 14, 2014. The HIMSS Foundation will be receiving all of the remaining assets of the CCHIT.

CCHIT Announces ClosureNuLLFiX

State CMS Privacy Office employee complete HIPAA Certification training for CHPSE

‘We delivered CHPSE training to a staff member of CMS, who was a key member of the Privacy Office. During our interactive sessions, our attendee was fully engaged and the discussions were both interesting and revealing. She was obviously well-informed to begin with and yet several times indicated that our training information had clarified several specific points that she had often wondered about. The instructor pointed out that our materials are taken directly from the CFR and law to ensure they are both as accurate and as current as possible. To quote her, “I have found this training very helpful and [...]

State CMS Privacy Office employee complete HIPAA Certification training for CHPSENuLLFiX

OCR Issues Guidance on Covered Health Care Providers and Restrictions on Media Access to Protected Health Information about Individuals in Their Facilities May 5, 2020

Today, the Office for Civil Rights (OCR) at the U.S Department of Health and Human Services (HHS) issued additional guidance reminding covered health care providers that the HIPAA Privacy Rule does not permit them to give media and film crews access to facilities where patients’ protected health information (PHI) will be accessible without the patients’ prior authorization. The guidance explains that even during the current COVID-19 public health emergency, covered health care providers are still required to obtain a valid HIPAA authorization from each patient whose PHI will be accessible to the media before the media is given access to that PHI. The [...]

OCR Issues Guidance on Covered Health Care Providers and Restrictions on Media Access to Protected Health Information about Individuals in Their Facilities May 5, 2020NuLLFiX

Free Webinar Recording of Office for Civil Rights (OCR) Update on HIPAA and COVID-19

Free Webinar Recording of Office for Civil Rights (OCR) Update on HIPAA and COVID-19 and recent OCR actions related to the pandemic The HHS Office for Civil Rights (OCR) hosted a webinar on April 24, 2020, for health IT stakeholders on HIPAA privacy and security issues related to COVID-19 and recent OCR actions related to the pandemic. Speakers: Timothy Noonan, Deputy Director for Health Information Privacy, OCR Marissa Gordon-Nguyen, Senior Advisor for Health Information Privacy Policy, OCR Topics include: COVID-19 and Permissible Disclosures under the HIPAA Privacy Rule Enforcement Discretion and Guidance for Telehealth Remote Communications Guidance for Disclosures to First [...]

Free Webinar Recording of Office for Civil Rights (OCR) Update on HIPAA and COVID-19NuLLFiX

Certified HIPAA Privacy Security Officer (CHPSE) Training

HIPAA Security Compliance Officer of a City Completes Certified HIPAA Privacy Security Officer Training (CHPSE Training) to help City achieve and maintain HIPAA Compliance. A newly appointed HIPAA Security Officer working for a West Coast municipality attended one of our virtual sessions. Already a certified information security professional, the attendee explained she wanted to ensure she was properly informed and prepared to assume her new role. Our Senior Instructor spoke with her to gain insight into her experience with healthcare, compliance and security, and then began the class. Over the course of the week’s class, several discussions occurred over various points she wanted clarification on, including how [...]

Certified HIPAA Privacy Security Officer (CHPSE) TrainingNuLLFiX

Healthcare Solution Provider select HIPAA Compliance Audit Services for Product of Supremus Group

A developer organization created a “Platform-as-a-Service” offering intended to facilitate healthcare telemedicine session, data creation and storage in the Cloud, and contacted Supremus regarding HIPAA compliance examination for its product. Our consultant had performed several HIPAA Audit evaluations of this type before and so engaged with the client to discuss its design and implementation process, as well as the relevant HIPAA requirements that would impact this type of product offering. Our consultant evaluated their client’s design and development processes; its prospective provisioning model; its account management components and its planned security and privacy assurance measures. Following a complete review of these areas, our consultant [...]

Healthcare Solution Provider select HIPAA Compliance Audit Services for Product of Supremus GroupNuLLFiX

Invitation for HIPAA Certification Committee

Its primary responsibilities include revising test items, writing new test items, working with the testing program manager to evaluate and improve the assessment process, working with the professional staff in overseeing the administration of the program, and recommending needed changes in prerequisite and recertification requirements, subject to the approval. Committee Size: 9 members Term: 3 years Appointments per year: Varies For more information on responsibilities, eligibility and on how to become part of the committee, visit: https://www.hipaatraining.net/hipaa-certification-committee/ Regards, Bob Mehta Director Supremus Group LLC 515-865-4591 Bob@training-HIPAA.net www.Training-HIPAA.net Ask About Our Ransomware Solution (Up to 1 million in protection) Are you Conducting Regular Network Vulnerability Assessment

Invitation for HIPAA Certification CommitteeNuLLFiX

Supremus Group LLC announces the launch of the Spanish versions of HIPAA Training for Medical Provider, Business Associates, Group Health Plan and for Call Centers

Waukee, IA, March 5, 2019– To help a growing number of Spanish speaking employees in the United States, Supremus Group LLC, a HIPAA compliance solutions and training provider, has announced exclusive certification training for HIPAA employees in the Spanish language. In a press briefing, the chief marketing officer of Supremus Group said, “We are happy to announce that the Spanish versions of our basic level courses of HIPAA for Medical Provider, HIPAA for Business Associates, Group Health Plan HIPAA course and HIPAA with CAN_SPAM for Call Center is ready for release and available for purchase.” For more information, visit HIPAA Spanish Training page. [...]

Supremus Group LLC announces the launch of the Spanish versions of HIPAA Training for Medical Provider, Business Associates, Group Health Plan and for Call CentersNuLLFiX

Title