Children’s Mercy Hospital Sued in the Wake of Large-Scale Data Breach

Phishing emails were the culprit behind a giant data breach at Children’s Mercy Hospital that led to the theft of 63,049 patients’ confidential information. Although the federal government has not yet sought action in relation to the breach, a private Missouri law firm filed a class action lawsuit against the hospital, seeking damages for those whose personal …

Anthem Pays Record Settlements After 2015 Security Breach

In late 2018, Anthem Inc., an independent carrier of the Blue Cross and Blue Shield Association, settled two major claims made against them in the wake of a 2015 security breach that exposed the confidential personal and employment data of 79 million people.  The breach that precipated these civil actions occurred when an employee …

HIPAA EXAMS, INC. Earns Accreditation from International Association for Continuing Education Training (IACET)

HIPAA EXAMS, INC. is pleased to announce it achieved accreditation by the International Association for Continuing Education Training (IACET). IACET Accreditation distinguishes organizations that demonstrate quality and excellence in the curriculum design and delivery of continuing education (CE). Accredited organizations, like HIPAA EXAMS, INC. meet comprehensive, evidenced-based criteria to ensure …

HIPAA Clarifications Coming as a Result of Twenty-First Century Cures Act

Shortly before the end of his term on December 13, 2016, President Obama signed the Twenty-First Century Cures Act into law. This legislation, designed to promote medical advancement, also contains several provisions that apply to protected health information (PHI) and HIPAA. Earlier versions of the bill proposed including medical research …

HIPAA Settlement Demonstrates Importance of Timely Breach Notification

HIPAA legislation requires that when more than 500 individuals are affected by a breach of protected health information (PHI), covered entities are required to notify the individuals, the media, and the U.S. Department of Health and Human Services Office for Civil Rights (OCR) “without unreasonable delay” and within 60 days. …

Inadequate Safeguards for ePHI Result in $2.2 Million Settlement

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently released a statement pertaining to a settlement with MAPFRE Life Insurance of Puerto Rico. MAPFRE agreed to a $2.2 million dollar settlement and corrective action plan for potential noncompliance with HIPAA after a USB device containing …

End-User Training is Essential to Keep Your Healthcare Data Safe

We’ve all heard the saying, “You are only as strong as your weakest link.” In the ever-growing digital world of healthcare, this is a crucial message. Hackers will look to exploit your most vulnerable areas to gain access to electronic protected healthcare information (ePHI). And they do so with dollar …