The California Medical Information Act (CMIA), which differs slightly from the Federal Health Insurance Portability and Accountability Act (HIPAA), was updated in 2004 to require healthcare providers to obtain annual written authorization from a patient for certain disclosures of protected…
It seems like almost every other day, the national media reports on a new data breach. From large corporations to mom-and-pop local businesses, hackers do not discriminate on their targets. Small and mid-sized businesses like dental practices are often targeted…
On February 21, 2024, Change Healthcare, a subsidiary of UnitedHealth Group and one of the largest healthcare technology companies in the United States, experienced a crippling ransomware cyberattack, considered to be the most serious incident of its kind against a…
The Security Rule under the US Health Insurance Portability and Accountability Act (HIPAA) requires dental providers, as HIPAA-covered entities, to adopt adequate means for safeguarding the confidentiality, integrity, and availability of electronic protected health information (ePHI). One of these safeguards…
Recently, the US Department of Health and Human Service (HHS) Office for Civil Rights (OCR)announced three separate Resolution Agreements for potential violations by healthcare providers. The first incident involved a potential violation of federal civil rights laws, while the second…
On December 14, 2022, the Department of Health and Human Service (HHS) announced a resolution agreement with New Vision Dental, a dental practice in California, over the impermissible disclosure of patient protected health information (PHI) in response to online reviews,…
The US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released a new edition of its online OCR Cybersecurity Newsletter, dated October 2022. The Newsletter reviews security procedures to follow in the event of a…
On March 28, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced four new enforcement actions against healthcare providers for violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. Three of…
In the wake of the Russian attacks against Ukraine, the American Dental Association (ADA) published an article in ADA News advising dentists to be on alert for cyberattacks. This article follows a joint warning issued by the US Cybersecurity and…
On April 29, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that the National Institute for Standards and Technology (NIST) is planning to update the NIST Special Publication (SP) 800—66, Revision 1, An Introductory…
