Tag Archives: healthcare

Deeper Dive: Frequency and Severity

All industries are affected by cyberattacks, but how often and to what extent they occur vary greatly by industry type. Industry Type As for frequency, the healthcare industry in 2016, for the third year in a row, saw the greatest number of incidents and by a wide margin. Specifically, about 35 percent of the incidents … Continue Reading

Business Associates in the Crosshairs: Catholic Health Care Services Settles for $650,000 for Failure to Safeguard PHI

Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) recently agreed to enter into a $650,000 resolution agreement and a two-year corrective action plan (CAP) with the Office for Civil Rights (OCR). CHCS provides management and information technology services as a business associate to six nursing homes. The OCR settlement follows a finding that … Continue Reading

Deeper Dive: Integrating Physician Practices into a Health System’s HIPAA Privacy and Security Program

The healthcare industry shift to a value-based business model is resulting in greater alignment between hospitals and physicians to provide quality, outcomes driven care in order to receive payment for health care services. Prior to implementation of the Affordable Care Act, physicians more often were independent practitioners who held medical staff privileges to care for … Continue Reading

2015 BakerHostetler Security Incident Response Report Provides Insight Beyond Technical Incidents

There is no longer a debate – security incidents are inevitable. Organizations are working to be better prepared to respond when the first sign of an incident is detected (often at 4:30 p.m. on a Friday). So what kind of incidents should they prepare for and how should they prepare? Annual reports from forensic investigation … Continue Reading

Obama Administration Recognizes Cyber Threats to U.S. Critical Infrastructure as a National Emergency

Many cybersecurity experts have warned that the United States is already engaged in covert cyber warfare against hostile actors around the world. The latest cybersecurity Executive Order reflects formal recognition that, regardless of whether we call it war, cyber threat activity directed at U.S. critical infrastructure has created a national emergency. Exercising authority granted by … Continue Reading

Court Overturns Presuit Patient Authorization Requirement Under Florida Medical Malpractice Statute

On September 25, 2013, the Northern District Court of Florida, Tallahassee Division, ruled that Florida Statute § 766.1065 violated the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) by requiring a plaintiff in a medical malpractice action to deliver a presuit authorization which allows the defending medical professionals to conduct ex parte interviews of … Continue Reading

OMG! Does Your Doctor’s Facebook Status Violate HIPAA?

Co-authored by: Cory Fox Recently, the Federation of State Medical Boards (“the Federation”) released its Model Policy Guidelines for the Appropriate Use of Social Media and Social Networking in Medical Practice (“Guidelines”). The Guidelines are intended to address how physicians can utilize social media to facilitate patient care while still maintaining the privacy and confidentiality … Continue Reading
LexBlog