HIPAA and Licensing - Health Care Compliance Brief

Indiana Dental Practice Experiences Ransomware Attack That Exposed PHI

Compliancy Group

DECEMBER 9, 2024

Patient files, clinical and treatment information, and information related to insurance or claim information, constitute electronic protected health information (ePHI) under the Health Insurance Portability and Accountability Act (HIPAA). Mitigate risk through a risk management plan.

Ransomware

Ransomware Licensing HIPAA Compliance

Medical Express Ambulance Service Data Breach Affects 118K Individuals

HIPAA Journal

APRIL 16, 2025

The data potentially obtained by the threat actor included names, demographic information, dates of birth, Social Security numbers, drivers license numbers, medical information, financial information, health insurance information, usernames and passwords, and for some individuals, passport numbers.

Licensing

Licensing Health Insurance HIPAA Ransomware

When HIPAA Becomes Criminal

Healthcare IT Today

DECEMBER 20, 2022

Five former employees of Methodist Hospital in Memphis, TN, including a recently-licensed Registered Nurse, were indicted by a federal grand jury for allegedly selling medical information about car accident victims to personal injury attorneys and chiropractors. Harvey could receive up to 70 years in prison, pay a fine of $1.75

HIPAA

HIPAA Nurses Licensing Compliance

Webinars

Bridging Innovation & Patient Care: The Growing Role of AI

MORE WEBINARS

173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach

HIPAA Journal

APRIL 1, 2025

A comprehensive and time-intensive review of the affected accounts was recently concluded, and it was confirmed that names, addresses, Social Security numbers, drivers license numbers, bank account information, payment card information, dates of birth, medical information, and health insurance information were stored in the accounts.

Licensing

Licensing HIPAA Health Insurance

Tips for HIPAA and OSHA Training for Dental Offices

Compliancy Group

FEBRUARY 23, 2022

Keeping your dental office compliant with HIPAA and OSHA regulations is one more thing to juggle. HIPAA and OSHA training for dental offices is an essential part of compliance. Be able to prove the HIPAA and OSHA training was done. Know the most common HIPAA and OSHA citations and violations. These include: HIPAA.

HIPAA

HIPAA Compliance Licensing

What are the Penalties for HIPAA Violations?

HIPAA Journal

DECEMBER 24, 2022

Penalties for HIPAA violations can be issued by the Department of Health and Human Services’ Office for Civil Rights (OCR) and state attorneys general. In addition to financial penalties, covered entities are required to adopt a corrective action plan to bring policies and procedures up to the standards demanded by HIPAA. .

HIPAA

HIPAA Compliance Hospitals COVID-19

Vendor notebook: New AI tools to cut billing burdens, improve testing and more

Healthcare It News

MAY 12, 2023

"We're not only capitalizing on the capabilities of GPT, we're doing so in a highly secure, HIPAA-compliant manner through Microsoft Azure," he added. " Since launching its claims platform, a series of new capabilities, including prior authorizations and denials management, has been added.

HIPAA

HIPAA Medical Billing FDA Licensing

HIPAA Compliance Guidelines

HIPAA Journal

JULY 15, 2023

We have compiled these HIPAA Compliance Guidelines because HIPAA rules and regulations can be very confusing for healthcare professionals tasked with ensuring HIPAA compliance at their organization. Please use the form on this page to arrange to receive a free copy of the HIPAA Guidelines Checklist.

HIPAA

HIPAA Compliance Compliance Officers Licensing

Beacon Health System Affected by Two Business Associate Email Breaches

HIPAA Journal

MARCH 28, 2025

The post Beacon Health System Affected by Two Business Associate Email Breaches appeared first on The HIPAA Journal. Restorix sent notification letters to the affected patients on December 18, 2024. Neither incident is currently shown on the HHS Office for Civil Rights breach portal, so it is unclear how many patients have been affected.

Licensing

Licensing Health Insurance HIPAA Medicaid

What is a Limited Data Set Under HIPAA?

HIPAA Journal

JANUARY 1, 2023

A limited data set under HIPAA is a set of identifiable healthcare information that the HIPAA Privacy Rule permits covered entities to share with certain entities for research purposes, public health activities, and healthcare operations without obtaining prior authorization from patients, if certain conditions are met.

HIPAA

HIPAA Licensing Public Health Compliance

OCR will ease restrictions on telehealth tech during COVID-19

Healthcare IT News - Telehealth

MARCH 18, 2020

The HHS Office for Civil Rights announced on Tuesday that during the coronavirus pandemic it will use discretion when enforcing HIPAA-compliance for telehealth communications tools. " Wherever possible, providers should use telehealth tools from vendors that are HIPAA compliant and will enter into business-associate agreements, said OCR.

COVID-19

COVID-19 HIPAA Nursing Homes Medicare

Is Stripe HIPAA Compliant?

HIPAA Journal

JANUARY 10, 2024

Stripe is not HIPAA compliant and – other than its payment processing services – should not be used by covered entities and business associates to create, collect, store, or transmit Protected Health Information (PHI). Is Stripe HIPAA Compliant? Stripe complies with multiple US and International data privacy regulations (i.e.,

HIPAA

HIPAA US Department of Health and Human Services Fraud Telemedicine

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

HIPAA Journal

NOVEMBER 16, 2022

The review of the compromised email accounts confirmed they contain information such as names, addresses, dates of birth, driver’s license numbers, state identification card numbers, financial account numbers, usernames and passwords, payment card information, medical histories, and health insurance information.

HIPAA

HIPAA Licensing Health Insurance Fraud

Healthcare Orgs Fined for Employing Nurses on the HHS-OIG Exclusion List

HIPAA Journal

APRIL 30, 2025

Associated Clinicians of East Texas, PLLC, which does business as Diagnostic Clinic of Longview, was discovered to have employed a licensed vocational nurse who had been added to the exclusion list. The post Healthcare Orgs Fined for Employing Nurses on the HHS-OIG Exclusion List appeared first on The HIPAA Journal.

Nurses

Nurses Fraud Compliance Licensing

Atrium Health responds to new social engineering attack

Healthcare It News

SEPTEMBER 17, 2024

Driver’s license or state-issued identification number. Information that may have been accessed in the social engineering attack includes: First and/or last name. Street address. Email address. Social Security number. Date of birth. Medical record number. Bank or financial account numbers or information. Treatment/diagnosis.

Electronic Medical Records

Electronic Medical Records Health Insurance Payment Systems Licensing

Editorial: Lessons from Biggest HIPAA Breaches of 2022

HIPAA Journal

DECEMBER 23, 2022

It has been another bad year for healthcare data breaches, with some of the biggest HIPAA breaches of 2022 resulting in the impermissible disclosure of well over a million records. The Biggest HIPAA Breaches of 2022. The 12 biggest HIPAA breaches of 2022 affected almost 22.66 million patients and health plan members.

HIPAA

HIPAA Ransomware Health Insurance Compliance

Colorado Eye Clinic Investigating Suspected Ransomware Attack

HIPAA Journal

MARCH 25, 2025

The file review was completed on February 24, 2025, and confirmed that the types of data compromised included names plus some or all of the following: date of birth, Social Security number, drivers license or state identification number, medical information, and health insurance information.

Ransomware

Ransomware Licensing Electronic Medical Records Health Insurance

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

HIPAA Journal

SEPTEMBER 12, 2023

Schneck Medical Center has agreed to pay a penalty of $250,000 to resolve alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) and state laws and will implement additional safeguards to prevent further data breaches.

HIPAA

HIPAA Ransomware Health Insurance Fraud

The Most Common HIPAA Violations You Should Avoid

HIPAA Journal

JANUARY 2, 2023

The settlements pursued by the Department of Health and Human Services’ Office for Civil Rights (OCR) are for egregious violations of HIPAA Rules. Settlements are also pursued to highlight common HIPAA violations to raise awareness of the need to comply with specific aspects of HIPAA Rules. Are Data Breaches HIPAA Violations?

HIPAA

HIPAA Compliance Hospitals Medicare

Retina Group of Washington Agrees to $3.6 Million Settlement to Resolve Data Breach Lawsuit

HIPAA Journal

APRIL 16, 2025

The hackers encrypted files and stole data such as names, addresses, telephone numbers, email addresses, dates of birth, demographic information, Social Security numbers, drivers license numbers, medical record numbers, health information, payment information, and health insurance information. Bean of Siri & Glimstad LLP.

Ransomware

Ransomware Fraud Licensing HIPAA

Laboratory Services Cooperative Breach Impacts 1.6 Million People

HIPAA Journal

APRIL 11, 2025

Additional identifiers such as Social Security Numbers, driver’s license/state ID numbers, passport numbers, dates of birth, demographic data, student ID numbers, and other government identifiers. Million People appeared first on The HIPAA Journal. The post Laboratory Services Cooperative Breach Impacts 1.6

Ransomware

Ransomware Fraud HIPAA Licensing

Amazon Web Services (AWS) Helps Clinicians Work at the Top of Their Licenses

Healthcare IT Today

JANUARY 18, 2024

Shippy also reassures viewers that they can get HIPAA-compliant cloud repositories and that “we walk them through” how to create a secure network. She also believes that everybody, urban and rural, can use the cloud, and that AWS tries to “make sure they have the resources” to do so.

Licensing

Licensing HIPAA Hospitals

Azura Vascular Care Agrees to $3.15 Million Data Breach Settlement

HIPAA Journal

APRIL 1, 2025

Million Data Breach Settlement appeared first on The HIPAA Journal. Legal action was taken against Azura Vascular Care over the data breach, with the plaintiffs alleging the defendants failed to implement reasonable and appropriate cybersecurity measures to prevent unauthorized access to its network and sensitive patient data.

Licensing

Licensing HIPAA Compliance

Cyberattack on Sunflower Medical Group Affects 221,000 Patients

HIPAA Journal

MARCH 11, 2025

The file review confirmed that the types of data compromised in the cyberattack included names, addresses, dates of birth, Social Security numbers, drivers license numbers, medical information, and health insurance information. The post Cyberattack on Sunflower Medical Group Affects 221,000 Patients appeared first on The HIPAA Journal.

Department of Veterans Affairs

Department of Veterans Affairs Licensing Ransomware Fraud

Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations

HIPAA Journal

AUGUST 10, 2023

The Ottumwa Fire Department in Iowa has recently fired employees for alleged violations of the HIPAA Rules and other misconduct. The post Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations appeared first on HIPAA Journal. The information involved varied from individual to individual.

HIPAA

HIPAA Ransomware Licensing Health Insurance

Neurology Practice Settles with HHS OCR for $25K

Compliancy Group

APRIL 29, 2025

The settlement resolves an OCR investigation following a ransomware attack that compromised sensitive patient dataand underscores the vital role of HIPAA Security Rule compliance in the fight against cyberthreats. Train your workforce: Tailor HIPAA training to your organizations systems and each employees job role. What Happened?

Ransomware

Ransomware HIPAA Compliance Licensing

Numotion Reports Email Data Breach Affecting Almost 500,000 Individuals

HIPAA Journal

MARCH 25, 2025

A minority of the affected individuals had their Social Security numbers and/or drivers license numbers exposed.Individual notification letters are now being mailed to the affected individuals, and complimentary credit monitoring and identity theft protection services have been offered to individuals whose Social Security numbers were involved.

Ransomware

Ransomware HIPAA Licensing Health Insurance

How health systems can better protect patient privacy

Healthcare It News

SEPTEMBER 21, 2023

" Liederman noted that earlier in his career – pre-HIPAA – he worked at an academic medical facility where access to lab results and radiology reports was wide open. " To safely address insider snooping you have to record all the views and actions, which HIPAA requires anyway.

Governance

Governance HIPAA Ransomware Licensing

Albert Einstein Medical Center serves up telehealth from 4 vendors with FCC grant

Healthcare It News

OCTOBER 12, 2021

"Both vendors are HIPAA-compliant and work with healthcare providers nationally. "Some differences with each vendor exist in terms of how the links are sent and the availability or need for a smartphone app to conduct the visit," she continued. " USING FCC AWARD FUNDS.

COVID-19

COVID-19 Licensing Patient Satisfaction Doctors

SimonMed Imaging Confirms January 2025 Cyberattack

HIPAA Journal

APRIL 2, 2025

The post SimonMed Imaging Confirms January 2025 Cyberattack appeared first on The HIPAA Journal. At least one class action lawsuit has already been filed against SimonMed over the incident.At present, no data breach is displayed on the HHS Office for Civil Rights breach portal, so it is unclear how many individuals have been affected.

Ransomware

Ransomware Licensing HIPAA Health Insurance

Preventing Non-Compliance Consequences in Healthcare

Verisys

MARCH 6, 2025

Department of Health and Human Services (HHS) Enforces regulations like the Health Insurance Portability and Accountability Act (HIPAA) to ensure patient data privacy and security. In another case, Californias Providence Medical Institute was fined $240,000 for violating HIPAA Security Rules, which led to a data breach. Sources: ADA.

Compliance

Compliance HIPAA Licensing Governance

Healthcare Staff Database with 86,000 Records Exposed Online

HIPAA Journal

MARCH 14, 2025

states and offers a mobile app platform that connects healthcare facilities with healthcare workers such as Licensed Practical Nurses (LPNs), Registered Nurses (RNs), and Certified Nursing Assistants (CNAs). The post Healthcare Staff Database with 86,000 Records Exposed Online appeared first on The HIPAA Journal.

Nurses

Nurses Licensing HIPAA

Hillcrest Convalescent Center Announces 106K-Record Data Breach

HIPAA Journal

MARCH 11, 2025

The post Hillcrest Convalescent Center Announces 106K-Record Data Breach appeared first on The HIPAA Journal. SMC is working with its IT team and cyber security partner to evaluate its security protocols and processes to prevent similar incidents in the future.

Ransomware

Ransomware HIPAA Licensing Health Insurance

Osmind EHR integrates Zoom for psychiatry telehealth

Healthcare IT News - Telehealth

SEPTEMBER 16, 2022

Clinicians create a virtual mental health appointment using Zoom's secure, HIPAA-compliant video technology, share that link with the patient and launch the online meeting directly from the Osmind patient app. "As clinicians, we have a professional obligation to only use telehealth platforms that are HIPAA-compliant," she added.

COVID-19

COVID-19 HIPAA Telemedicine Licensing

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Bill of Health

JUNE 5, 2023

medical licensing exam , diagnose illnesses , and even outshine human doctors on measures of perceived empathy , raising many questions about how AI will reshape health care as we know it. In the field of medicine, ChatGPT already has been reported to ace the U.S. But what happens when AI gets things wrong?

Malpractice

Malpractice FDA HIPAA Doctors

Telehealth's post-COVID challenge: integrating in-person care

Healthcare IT News - Telehealth

JUNE 3, 2020

He noted the moves by the Centers for Medicare and Medicaid Services to reimburse providers for services and allow telehealth care between states , and the relaxed HIPAA regulations around technology use , as important contributors to the uptick in telehealth availability.

Telemedicine

Telemedicine COVID-19 HIPAA Medicare

HIPAA Violation Cases

HIPAA Journal

APRIL 27, 2025

HIPAA violation cases are compliance investigations that result from a data breach being notified to the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) or a privacy complaint being submitted to OCR via the complaints portal. There are many different types of HIPAA violation cases.

HIPAA

HIPAA Ransomware Hospitals Compliance

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

HIPAA Journal

MARCH 18, 2022

Rather than face the financial penalties, the hospital immediately terminated its hospital license in 2004. The post Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data appeared first on HIPAA Journal. 6 years later, the property was transferred to the state after the owners failed to pay their taxes.

Licensing

Licensing HIPAA Hospitals Health Insurance

The Power of Outsourcing Medical Billing Services

Medisys Compliance

JANUARY 15, 2025

Reduced Overhead Costs: Outsourcing can help reduce overhead costs associated with maintaining an in-house billing department, such as salaries, benefits, software licenses, and training. HIPAA Compliance: Reputable billing companies adhere to strict HIPAA compliance standards, ensuring the security and confidentiality of patient data.

Medical Billing Services

Medical Billing Services Medical Billing Medical Billing Outsourcing Patient Satisfaction

Now is the time for providers to be proactive about telehealth

Healthcare IT News - Telehealth

MARCH 15, 2021

She believes HIPAA requirements for telehealth platforms will likely go back into effect, although the Office of Civil Rights is considering some changes. Alleva does have a few predictions, however. "Even if you don't have a physical location, you need to be thinking about where you're providing services."

Licensing

Licensing HIPAA Hospitals

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

HIPAA Journal

FEBRUARY 16, 2022

The system contained patients’ names, birth dates, insurance card numbers, driver’s license numbers, and copies of patients’ insurance cards and driver’s licenses. The post Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital appeared first on HIPAA Journal.

Ransomware

Ransomware Hospitals Licensing HIPAA

Amazon Clinic may delay its nationwide telehealth launch

Healthcare IT News - Telehealth

JUNE 27, 2023

They said customers who decline HIPAA consent on the website are prevented from completing their patient registration with Amazon Clinic and are redirected to a third-party provider information page.

HIPAA

HIPAA Telemedicine Licensing

2024 DOJ False Claims Act Settlements in Healthcare Recover $1.67B

Compliancy Group

JANUARY 23, 2025

See How Our Software Can Help With HIPAA Risk Assessments OSHA Policies & Procedures Training Incident Response The post 2024 DOJ False Claims Act Settlements in Healthcare Recover $1.67B appeared first on Compliancy Group. RDx Bioscience Inc.: Find out how we can help you combat FWA in your organization!

Fraud

Fraud Medicare Medicare Regulatory Compliance

The prominent issues telehealth must tackle when the pandemic passes

Healthcare IT News - Telehealth

AUGUST 25, 2021

There are several ways in which regulatory relaxations have allowed telemedicine to soar during the pandemic: HIPAA flexibility, telemedicine waivers through CMS, cost-sharing, and billing and reimbursement changes. It would be a shame for that to dissolve. The general practice of medicine is not defined by state lines.

Telemedicine

Telemedicine HIPAA Licensing Health Outcomes

Indiana Dental Practice Experiences Ransomware Attack That Exposed PHI

Medical Express Ambulance Service Data Breach Affects 118K Individuals

Webinars

Trending Sources

When HIPAA Becomes Criminal

Webinars

173,000 Patients Affected by Chord Specialty Dental Partners Email Data Breach

Tips for HIPAA and OSHA Training for Dental Offices

What are the Penalties for HIPAA Violations?

Vendor notebook: New AI tools to cut billing burdens, improve testing and more

HIPAA Compliance Guidelines

Beacon Health System Affected by Two Business Associate Email Breaches

What is a Limited Data Set Under HIPAA?

OCR will ease restrictions on telehealth tech during COVID-19

Is Stripe HIPAA Compliant?

6 HIPAA Regulated Entities Report Phishing Attacks and Unauthorized Email Account Access

Healthcare Orgs Fined for Employing Nurses on the HHS-OIG Exclusion List

Atrium Health responds to new social engineering attack

Editorial: Lessons from Biggest HIPAA Breaches of 2022

Colorado Eye Clinic Investigating Suspected Ransomware Attack

Schneck Medical Center Settles HIPAA Lawsuit with Indiana AG

The Most Common HIPAA Violations You Should Avoid

Retina Group of Washington Agrees to $3.6 Million Settlement to Resolve Data Breach Lawsuit

Laboratory Services Cooperative Breach Impacts 1.6 Million People

Amazon Web Services (AWS) Helps Clinicians Work at the Top of Their Licenses

Azura Vascular Care Agrees to $3.15 Million Data Breach Settlement

Cyberattack on Sunflower Medical Group Affects 221,000 Patients

Ottumwa Fire Department Fires Employees for Misconduct and HIPAA Violations

Neurology Practice Settles with HHS OCR for $25K

Numotion Reports Email Data Breach Affecting Almost 500,000 Individuals

How health systems can better protect patient privacy

Albert Einstein Medical Center serves up telehealth from 4 vendors with FCC grant

SimonMed Imaging Confirms January 2025 Cyberattack

Preventing Non-Compliance Consequences in Healthcare

Healthcare Staff Database with 86,000 Records Exposed Online

Hillcrest Convalescent Center Announces 106K-Record Data Breach

Osmind EHR integrates Zoom for psychiatry telehealth

Who’s Liable for Bad Medical Advice in the Age of ChatGPT?

Telehealth's post-COVID challenge: integrating in-person care

HIPAA Violation Cases

Eastern Ozarks Regional Health Sued by Arkansas AG for Failure to Secure Patient Data

The Power of Outsourcing Medical Billing Services

Now is the time for providers to be proactive about telehealth

Patient Data Compromised in Ransomware Attacks on Family Christian Health Center & Jackson County Hospital

Amazon Clinic may delay its nationwide telehealth launch

2024 DOJ False Claims Act Settlements in Healthcare Recover $1.67B

The prominent issues telehealth must tackle when the pandemic passes

Stay Connected