The HIPAA Journal

MARCH 26, 2025

Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has confirmed that the long-awaited third phase of its HIPAA compliance audits is underway and will involve HIPAA compliance audits of 50 covered entities and business associates.

HIPAA 75

HIPAA Business Associate Huddles/Rounds 75

Healthcare Dive - Practice Management

SEPTEMBER 26, 2024

Ron Wyden and Mark Warner, would direct the HHS to develop minimum cybersecurity standards for providers, health plans, claims clearinghouses and business associates. The legislation, sponsored by Sens.

Billing 124

Billing Business Associate 124

The HIPAA Journal

APRIL 23, 2024

CA Business Associate 129,584 Hacking Incident University of Wisconsin Hospitals and Clinics Authority WI Healthcare Provider 85,902 Compromised email account Aveanna Healthcare GA Healthcare Provider 65,482 Compromised email account Ezras Choilim Health Center, Inc. of all records compromised in March.

Business Associate 126

Business Associate HIPAA Hospital Billing 126

The HIPAA Journal

MARCH 20, 2025

MN Business Associate 190,000,000 Hacking/IT Incident 2 2015 Anthem Inc. CO Business Associate 14,782,887 Hacking/IT Incident 4 2024 Kaiser Foundation Health Plan, Inc. NY Health Plan 9,358,891 Hacking/IT Incident 10 2023 Perry Johnson & Associates, Inc.

Business Associate 111

Business Associate HIPAA Unit Organization and Environment Hospital 111

Electronic Health Reporter

JANUARY 27, 2022

The report reveals how, as the industry continues to recover from a tumultuous 2020, cybercriminals continued to relentlessly target and attack providers, health plans and their business associates. […]. The article Fortified Health Security Releases 2022 Horizon Report appeared first on electronichealthreporter.com.

Business Associate 133

Business Associate 133

The HIPAA Journal

JUNE 26, 2025

The largest data breach of the month occurred at the business associate Serviceaide, a provider of agentic AI-powered agents for IT and workflow management. The second-largest data breach also occurred at a business associate. TX Business Associate 88,609 Hacking incident Shelby Dermatology d.b.a

Business Associate 80

Business Associate HIPAA Hospital Appointments 80

Electronic Health Reporter

JANUARY 16, 2019

Healthcare organizations face unprecedented compliance challenges when it comes to managing business associate agreements (BAAs) amid frequent data breaches, heightened federal scrutiny and anticipated privacy legislation. This content is copyrighted strictly for Electronic Health Reporter. By Greg Waldstreicher, CEO, PHIflow.

Business Associate 96

Business Associate HIPAA 96

The HIPAA Journal

APRIL 30, 2024

DRS is issuing notification letters on behalf of the following covered entity clients: Air Methods AMG Healthcare Management Services CAN Emergency Physicians Cedars-Sinai Medical Center CHA Hollywood Presbyterian Medical Center, L.P.

Business Associate 106

Business Associate HIPAA Follow-Up Hospital 106

The HIPAA Journal

DECEMBER 24, 2022

Since the introduction of the Omnibus Rule, the new penalties for HIPAA violations apply to healthcare providers, health plans, healthcare clearinghouses, and all other covered entities, as well as to business associates (BAs) of covered entities that are found to have violated HIPAA Rules. What Constitutes a HIPAA Violation?

HIPAA 124

HIPAA Business Associate Follow-Up Medication 124

Electronic Health Reporter

MAY 2, 2019

Healthcare providers, covered entities and their business associates should understand HIPAA and take compliance steps to avoid monetary fines and even prison time. By Ken Lynch, founder and CEO, Reciprocity Labs. The Health Insurance Portability and Accountability Act (HIPAA) applies to all companies in the United States.

HIPAA 89

HIPAA Business Associate Insurance 89

The HIPAA Journal

MARCH 28, 2025

The guidance was challenged in court and was partially rescinded, and while tracking tools on websites do not violate HIPAA when they are added to unauthenticated web pages, they cannot be used on authenticated websites unless consent is obtained or a business associate agreement is signed with the provider of those tools.

HIPAA 49

HIPAA Communication Business Associate Appointments 49

The HIPAA Journal

OCTOBER 31, 2024

The HHS’ Office for Civil Rights shows two listings about this incident, one involving the records of 85,133 individuals in its capacity as a healthcare provider and a breach involving the protected health information of 2,402 individuals in its capacity as a business associate. Anthony Regional Hospital, Iowa St.

Hospital 116

Hospital Business Associate HIPAA Insurance 116

Valant

SEPTEMBER 30, 2024

Key Features of HIPAA Compliant Teletherapy Platforms HIPAA compliant telehealth platforms for behavioral health typically include: End-to-end encryption for video conferencing Secure data storage and transmission User authentication and access controls Audit trails for all patient interactions Business Associate Agreements (BAAs) with platform providers (..)

HIPAA 111

HIPAA Business Associate Certification Documentation 111

Electronic Health Reporter

DECEMBER 4, 2018

The medical billing vendor that is fully compliant in all under HIPAA are authoritatively business associates of most ideal healthcare clients. From last few years, there have been significant modifications in the rules in addition to guidelines that medical coding and billing firms must achieve.

Billing 79

Billing Business Associate Medication Medical Coding 79

The HIPAA Journal

APRIL 26, 2024

Catholic Medical Center Patients Affected by Email Breach at Business Associate Almost 2,800 patients of Catholic Medical Center (CMC) in New Hampshire have been affected by a data breach at one of its vendors, the accounts receivable management service provider Lamont Hanley & Associates.

Business Associate 120

Business Associate HIPAA Tests Insurance 120

Healthcare Law Insights blog

JANUARY 15, 2025

1] The Proposed Rule applies to HIPAA-regulated entities, including Covered Entities such as health plans, healthcare clearinghouses, most healthcare providers, and their Business Associates. It also affects the relationship between a Covered Entity and its Business Associate by imposing additional requirements.

HIPAA 52

HIPAA Business Associate Follow-Up Documentation 52

Physicians Practice

OCTOBER 29, 2024

These core principles should be adopted into any covered entity or business associates’ policies and procedures.

Business Associate 52

Business Associate 52

The HIPAA Journal

JULY 4, 2024

In addition, State Attorneys General can take enforcement action against covered entities and business associates when a breach of unprotected health information harms a resident of the state, or when an organization violates a state privacy or security regulation that preempts HIPAA. What are Covered Entities?

HIPAA 56

HIPAA Business Associate Insurance Transfers 56

The HIPAA Journal

MAY 2, 2024

The purpose of HIPAA compliance software is to provide a framework to guide a HIPAA-covered entity or business associate through the process of becoming HIPAA-compliant and ensuring continued compliance with HIPAA and HITECH Act Rules. The top HIPAA compliance solutions also help with the management of business associates.

Tests 52

Tests HIPAA Business Associate Certification 52

19 Labs

MAY 12, 2021

The name was conceived while our CEO, Ram Fish, was having a chat with business associate and renowned Stanford cardiologist , Dr. Peter Fitzgerald at a local Menlo Park hamburger joint. This seems like an odd question at first, but the answer is a lot closer to nursing than you might think.

Diagnostics 97

Diagnostics Business Associate 97

Health Populi

JANUARY 28, 2020

As in other squares of America’s privacy ‘patchwork,’ HIPAA specifies a group of industry actors (health plans, provider organizations, and clearinghouses), designates them as “covered entities,” and then regulates how these entities and their subcontractors (business associates) use a certain class of information (individually identifiable (..)

HIPAA 169

HIPAA Business Associate Communication Medication 169

The HIPAA Journal

APRIL 27, 2025

State Attorneys General can also impose financial penalties on HIPAA-covered entities and business associates for violations of the HIPAA Rules. Another increase is due to be applied on January 15, 2025, but will likely be applied much later. Alternatively, financial penalties can be imposed if a breach of ePHI violates state laws.

HIPAA 81

HIPAA Business Associate Hospital Medication 81

Arkenea

MARCH 29, 2025

Business Associates (BA): These handle ePHI obtained from the covered entities, but don’t create medical data. CE have contracts with business associates, to ensure that they use and disclose medical data properly and also protect it.

HIPAA 52

HIPAA Business Associate Documentation Follow-Up 52

99MGMT

APRIL 8, 2024

For healthcare organizations and their business associates, adhering to HIPAA's regulations is not just about fulfilling legal requirements; it's about embracing an ethical responsibility to protect sensitive and personal health information (PHI).

HIPAA 52

HIPAA Business Associate 52

Arkenea

JUNE 23, 2025

Understanding HIPAA Requirements for RAG Systems RAG systems in healthcare must address several specific HIPAA requirements : Administrative Safeguards : Designated security officer responsible for RAG system oversight Workforce training on proper RAG system usage and data handling Access management procedures for different user roles and permissions (..)

Documentation 52

Documentation HIPAA Discharges Medical Coding 52

Health Populi

NOVEMBER 15, 2018

Many personal information flows don’t fall under the HIPAA umbrella if the company isn’t a business associate. Furthermore, this week Google made news about how it will absorb the DeepMind AI business into the larger Google Health unit.

Business Associate 130

Business Associate HIPAA Tests Communication 130

The HIPAA Journal

OCTOBER 29, 2024

This appears to have been a cyberattack on his practice rather than through a business associate. Leeman, M.D., a Texas-based board-certified plastic surgeon and ENT specialist, has reported a hacking-related data breach to the HHS’ Office for Civil Rights that involved the protected health information of 50,000 patients.

Insurance 107

Insurance HIPAA Business Associate Medication 107

Health Prime

JANUARY 22, 2025

The Security Rule sets forth the administrative, physical, and technical safeguards that covered entities and business associates (collectively, “regulated entities”) must implement to secure individuals’ ePHI. This is the first HIPAA Security rule update since 2013.

HIPAA 52

HIPAA Business Associate Best Practices Insurance 52

Health Prime

JANUARY 22, 2025

The Security Rule sets forth the administrative, physical, and technical safeguards that covered entities and business associates (collectively, “regulated entities”) must implement to secure individuals’ ePHI. This is the first HIPAA Security rule update since 2013.

HIPAA 52

HIPAA Business Associate Best Practices Insurance 52

The HIPAA Journal

MAY 2, 2024

In 2023, business associates were responsible for 60% of the breaches of 500 or more records that were reported to the HHS’ Office for Civil Rights (OCR), compared to 35% in 2022. As has been seen in other data , the percentage of victims paying a ransom is falling. The was a significant increase in data breaches at vendors.

HIPAA 117

HIPAA Follow-Up Certification Business Associate 117

The HIPAA Journal

JULY 5, 2024

Mobile Medical Response Warns Patients About PHI Breach Mobile Medical Response, a Michigan-based provider of medical transportation and ambulance services, has announced that there has been an impermissible disclosure of patient information at one of its business associates.

Business Associate 75

Business Associate HIPAA Insurance Patient Records 75

Arkenea

MARCH 31, 2025

Privacy Incorporation Expenses influence HIPAA compliance costs Anticipated costs differ amongst organizations, based on the size, computer system used, covered entities (CE) involved, business associates involved, and more. Type of organization: Risk levels and quantity of PHI safeguarded depends on the type of organization.

HIPAA 52

HIPAA Business Associate Appointments Insurance 52

Health Prime

MAY 23, 2024

Read more about this in our blog How to make sure your Business Associates are HIPAA Compliant. They should give you a list of compliance procedures they take as a company and how they ensure each employee is following rules and regulations.

Medical Coding 105

Medical Coding Medication Billing Communication 105

Minority Nurse

AUGUST 12, 2024

To learn more about nurse entrepreneurs, visit the National Nurses in Business Association (NNBA) for information on how to get started. Small Business Association (SBA) also has resources on small business grants and events that can help you flourish as a business owner.

Business Associate 52

Business Associate Medical Terminology Vital Signs Triage 52

Health Populi

MARCH 27, 2018

Here’s what we-know-we know about health care, privacy, and security: briefly, • HIPAA covers patients’ PHI that is held by covered entities and shared with contracted business associates. Cyber-breaches are a new-normal in health care.

HIPAA 72

HIPAA Business Associate Best Practices Patient Records 72

The HIPAA Journal

MAY 19, 2025

a San Jose, California-based business associate that offers agentic AI-powered agents for IT and workflow management, has announced a major data breach affecting almost half a million patients of the six-hospital New York healthcare system, Catholic Health. Serviceaide, Inc.,

HIPAA 52

HIPAA Business Associate Insurance Hospital 52

19 Labs

MAY 12, 2021

The name was conceived while our CEO, Ram Fish, was having a chat with business associate and renowned Stanford cardiologist , Dr. Peter Fitzgerald at a local Menlo Park hamburger joint. This seems like an odd question at first, but the answer is a lot closer to nursing than you might think.

Diagnostics 52

Diagnostics Business Associate 52