HIPAA Compliant Data Center

$1.4 Million Walgreens Love Triangle

High-Profile Healthcare Lawsuit Sets Disturbing Precedent for HIPAA Compliance

This piece argues for independently audited self-encrypting HIPAA storage as a service for healthcare companies. We review it within the broad enforcement and liability context, proceeding as follows:

  • Data Privacy Monitor: Surge of fines expected this year
  • Indianapolis Star: $1.4 million Walgreens love triangle
  • Analysis: Case places further pressure on the industry
  • Defense: Walgreens perspective & vicarious liability
  • In it together: Business associates post-Omnibus

HIPAA Final Rule, Disaster Recovery & Business Associate Shared Liability

Every healthcare organization knows the importance of the Health Insurance Portability and Accountability Act of 1996. That law has, of course, been updated over time. The most recent change has been the HIPAA Omnibus Final Rule, which went into effect in September 2013.

HIPAA Compliance for Hospitals & ASP’s: Avoid the Wall of Shame & Stay Within Budget


The current enforcement landscape

“Knowing what’s in the pipeline, I suspect that that number will be low compared to what’s coming up.” – Department of Health & Human Services OCR Counsel Jerome B. Meites, referring to the $10 million collected in HIPAA settlements from June 2013 to June 2014

Compliance Climate & On-Demand HIPAA Real World Scenario

Introduction – rising pressure

The pressure on healthcare providers, plans, and clearinghouses is mounting. Data Privacy Monitor reported in June 2014 that HHS (Health and Human Services) enforcement was expected to increase, per a comment made by a legal official at a local meeting of the American Bar Association held in Chicago.

HIPAA Questions Answered – A Real World Scenario

Topics: Cyber Liability Insurance, Patching, Disaster Recovery, Encryption at Rest & Data Destruction

Healthcare companies around the United States know that they must meet the standards of two landmark pieces of healthcare legislation: HIPAA (Health Insurance Portability and Accountability Act of 1996) and HITECH (Health Information Technology for Economic and Clinical Health Act of 2009). Although many healthcare providers, plans, and data clearinghouses do care about the privacy and security of their patient information, these regulations sought (in part) to make failing to protect sensitive medical data extremely unattractive.
