Our Blog
HIPAA Compliant News Articles and Enforcement
Whistleblowers Awarded Over $1 Million for Reporting Former Employer for Violations Under the False Claims Act
WASHINGTON – Pine Creek Medical Center LLC (“Pine Creek”), a physician-owned hospital serving the Dallas/Fort Worth area, has agreed to pay $7.5 million to resolve claims that it violated the False Claims Act by paying physicians kickbacks in the form of marketing services in exchange for surgical referrals, the Department of Justice announced today. “Health…
PHI of 28,000 Mental Health Patients Allegedly Stolen by Healthcare Employee
Center for Health Care Services (CHCS) in San Antonio, a provider of mental health treatment and support services for individuals with intellectual and developmental disabilities, has discovered documents containing the protected health information of patients have been stolen by a former employee. Breach notification letters have been sent to 28,434 patients who received services at…
Medical Records from OB/GYN Found Dumped At Recycling Center After Anonymous Tip
Paper files containing names, Social Security numbers, and medical histories, including details of cancer diagnoses and sexually transmitted diseases, have been dumped at a recycling center in Allentown, Pennsylvania. The files appear to have come from Women’s Health Consultants, an obstetrics and gynecology practice that had centers in South Whitehall Township and Hanover Township, PA.…
Over $1 Billion in Damages Sought in Lawsuit Against 60 Hospitals for HITECH Act Violations
A recently unsealed complaint, filed in a U.S. District Court in Indiana in 2016, seeks more than $1 billion in damages from 60 hospitals that received HITECH Act meaningful use incentive payments for transitioning to electronic health records, yet failed to meet the requirements of the HITECH Act with respect to providing patients, and their…
HIPAA Compliance for Human Resource Departments
Businesses not directly involved in the healthcare or healthcare insurance industries should none-the-less pay close attention to HIPAA compliance for HR departments. It has been estimated a third of all workers and their dependents who receive occupation healthcare benefits do so through a self-insured group health plan. Although this does not mean a self-insuring business…
Cybersecurity Compliance Deadlines Loom
Earlier this year, the New York State Department of Financial Services laid out new cybersecurity requirements for financial services companies. These rules (codified in 23 NYCRR 500) took effect on March 1 and established an array of “regulatory minimum standards” that companies must now meet. When all is said and done, financial services companies will…
Northwest Rheumatology Discovers PHI Potentially Accessed During Ransomware Attack
Northwest Rheumatology of Tuscon, Arizona has announced that some of its computer systems were taken out of action following a ransomware infection on April 10, 2017. Following any ransomware attack, HIPAA-covered entities must conduct an investigation to determine the extent of the attack and whether patient’s protected health information has been compromised. If a covered…
11,843 Patient Records Exposed in New Ransonware Attacks
In the past two weeks, two further healthcare organizations have announced that they have experienced ransomware attacks that potentially resulted in the protected health information of patients being accessed by cybercriminals. A combined 11,843 patient records were exposed in the two attacks. The first incident affects PVHS-ICM Employee Health and Wellness, LLC. Ransomware was installed…
Woman Indicted for Running Health Care Fraud Scheme from Prison
DALLAS — Alexis C. Norman, 46, of Midlothian, Texas has been indicted on felony offenses stemming from a health care fraud conspiracy she ran from prison that involved the submission of more than $810,000 in false claims to Medicaid, announced U.S. Attorney John Parker of the Northern District of Texas. Norman is scheduled to make…