Why your Notice of Privacy Practices alone doesn’t satisfy your HIPAA obligations

Why your Notice of Privacy Practices alone doesn’t satisfy your HIPAA obligations

We hear this question a lot. “I already have a Notice of Privacy Practices. Does that mean I don’t need the HIPAA policy you mentioned?” And the answer is always, without exception, a resounding no. A Notice of Privacy Practices document is not a substitute for written privacy policies and procedures, nor is it sufficient to satisfy...

read more

Failure to notify patients of privacy breach: Illinois hospital settles for $475k

Failure to notify patients of privacy breach: Illinois hospital settles for $475k

The U.S. Department of Health and Human Services, Office for Civil Rights, settled with a healthcare system for its untimely reporting of a breach of its unsecured, private health information. Presence Health has agreed to pay $475,000 and implement a corrective action...

read more

Dallas hospital pays out $3.2 million for HIPAA breach

Dallas hospital pays out $3.2 million for HIPAA breach

Children’s Medical Center had failed to implement procedures that were compliant with HIPAA.  It did not implement risk management plans, nor did it use encryption on all of its laptops, workstations, mobile devices, or removable media...

read more