ePHI

Telehealth and COVID-19, Protecting ePHI

The traditional means of patients seeking treatment (in-person) has been disrupted and has accelerated the need for hospitals and clinics to adopt telehealth technologies. As organizations adopt these new technologies, precautions and appropriate safeguards should be taken to ensure ePHI stays secure.

SRAT expectations vs reality comparing the state of two couches

Everything you need to know about SRAT version 3.0.1

At HIPAA One we believe the SRAT tool can be an effective training tool for compliance professionals and recognize that it does have its merits and although we are admittedly biased, we’re going to outline everything you need to know about the 3.0.1 update

UPDATE: Risks beyond ARRA, HITECH and HIPAA: PHI = $1,000 per individual = $4.9 Billion charge to TriCare

This is an example of a “hole” allowing unencrypted backup tapes to leave the facility and led to one of the largest ePHI breaches in history. Had they a solid HIPAA Risk Analysis covering encryption and ePHI disclosure policies, this breach would not had been a breach.  Or shown due diligence to help convince the judge …

UPDATE: Risks beyond ARRA, HITECH and HIPAA: PHI = $1,000 per individual = $4.9 Billion charge to TriCare Read More »

Stanford University Hospital breach – UPDATE – From $250K file to $2.1M

Earlier in September, 2011, Stanford University Hospital was fined $250K under HIPAA by the State of California.  As Stanford U.H. filed an appeal, they were served papers with a $20M lawsuit.    That is 20,000 (ePHI records) times $1,000 per record equals $20,000,000. http://www.healthdatamanagement.com/news/breach-hospital-notification-hipaa-privacy-43379-1.html?ET=healthdatamanagement:e2051:197714a:&st=email&utm_source=editorial&utm_medium=email&utm_campaign=HDM_Daily_101411 Per the article, “The lawsuit, seeking a $1,000 award for each affected patient, alleges violation of state law that …

Stanford University Hospital breach – UPDATE – From $250K file to $2.1M Read More »

Indiana University Health Data Breach Affects 3,000+

Ok my blog isn’t dedicated solely to reporting breaches but another breach hit the news. Here is a statement from Indiana University: http://medicine.iu.edu/research/clinical-trials/media-alert-faqs/ HIPAA Risk Analysis requires any PCs that move around (i.e. laptop) be encrypted. This is item #1 on risks using laptops with ePHI on them. Bitlocker anyone? A related article on the …

Indiana University Health Data Breach Affects 3,000+ Read More »

Scroll to Top