Welcome to the QI Express Security and Privacy Blog
Your No. 1 Guide to Healthcare Regulatory Compliance
A few tips and best practices that will be helpful for organizations looking to get outstanding Business Associate Agreements executed.
Faxing PHI is still a prevalent method of transferring information throughout the entire healthcare ecosystem. While the technology is rapidly changing in many areas of the industry, it is important to remember that “low-tech” methods can be useful in keeping faxed...
Last week the latest ransomware worm spread across the world. It encrypts files and demands a ransom payment in return for the decryption key. This malware attack is commonly called “Petya” and, as a worm, it can spread from one computer to another without human...
On Friday, attorneys announced a $115 million settlement to customers affected by the 2015 Anthem data breach. It is believed to be the largest settlement related to a data breach in history. Approximately 79 million people were affected by the breach. The...
HIPAA does not preclude you from using pictures or testimonials in your marketing materials. However, HIPAA does require that a patient authorize the use.
Email is as essential to efficient business as nearly any other tool we have. Because of its pervasiveness and the massive amounts of sensitive information contained in emails, it is also a major target for bad actors. The FBI’s Portland Field Office...
Last fall, CMS released new emergency preparedness rules. In total, there are 17 types of organizations that must comply by November 15.
Over the weekend a disturbing story emerged that highlighted the horror that can be caused by a poor understanding of HIPAA. A young woman in Flint, Michigan opened fire on family members. A hospital, which had recently treated the woman for mental illness,...
Three steps you should immediately take to prevent your organization from falling victim to a cyber attack like WannaCry.
Using out-of-date software, or software that is no longer supported by the manufacturer, poses a risk to PHI and increases vulnerabilities in healthcare
Ransomware attacks can be prevented with a multi-faceted approach – it’s a combination of high-tech and low-tech solutions.
Implementing policies and procedures can be a time-consuming process. Here is a step-by-step approach to help guide your efforts.
Last week a $400,000 HIPAA settlement with Metro Community Provider Network (“MCPN”), a Federally Qualified Health Center (“FQHC”) in Colorado was announced
A great way to ensure staff are only accessing the minimum amount of PHI necessary to do their job is by implementing role-based access control.
The FBI announced last week that cyber criminals are targeting the medical and dental industries through FTP services operated in “anonymous” mode.