John Blacksmith

Photo of author
John Blacksmith is a journalist with several years experience in both print and online publications. John has specialised in Information technology in the healthcare sector and in particular in healthcare data security and privacy. His focus on healthcare data means he has specialist knowledge of the HIPAA regulations. John has a degree in journalism.

Large Healthcare Companies Need to Improve Cybersecurity Measures

Senate Finance Committee chair, Senator Ron Wyden sent a letter to the Department of Health and Human Services (HHS) through Secretary Xavier Becerra asking big healthcare organizations to improve their cybersecurity protocols. One factor in the success of cyberattacks in … Read more

Designed Receivable Solutions Lawsuit Due to 500M-Record Data Breach

Revenue cycle management company, Designed Receivable Solutions based in Cypress, CA, is facing a class action lawsuit associated with a data breach that impacted more or less half a million people. The company detected an attack on January 22, 2024. … Read more

Critical Vulnerabilities Found in Baxter Welch Allyn Products

On May 30, 2024, CISA publicized ICS Medical Alerts for Baxter products and medical devices. Baxter identified two critical vulnerabilities in its Welch Allyn products, namely the Welch Allyn Connex Spot Monitor and the Welch Allyn Product Configuration Tool. Baxter … Read more

Health Data of Texas Panhandle Centers Patients Exposed in October 2023 Data Breach

Certified Community Behavioral Health Clinic, Texas Panhandle Centers (TPC) based in Amarillo, TX uncovered unauthorized access to its computer network and the compromise of 16,394 patients’ personal data and protected health information (PHI). TPC, which was founded in 1966, serves … Read more

New Reproductive Health Care Privacy Rule Released Under HIPAA

The Final Rule ensures the privacy protection of the health records of women, their members of the family, and physicians who are seeking, getting, offering, or assisting legal reproductive health care. The Biden-Harris Administration and the Office for Civil Rights … Read more

Warning Against Different Types of Business Email Compromise Attacks

The Department of Health and Human Services (HHS) Health Sector Cybersecurity Coordination Center (HC3) is warning the healthcare and public health (HPH) sector concerning business email compromise (BEC) attacks. BEC attacks refer to a type of spear phishing utilizing social … Read more

Discovered Vulnerabilities in GE Healthcare Ultrasound Products and in Desktop Windows Manager

11 Vulnerabilities Discovered in GE HealthCare Ultrasound Products About 12 vulnerabilities were discovered in GE HealthCare Vivid Ultrasound devices that threat actors can exploit to access and modify patient information, and possibly install ransomware to make the devices inaccessible. Researchers … Read more

How to Make ChatGPT HIPAA Compliant - Defensorum.com

How to Make ChatGPT HIPAA Compliant

The way to make ChatGPT HIPAA compliant is to deploy anonymizing software between users and the ChatGPT program in order that no Protected Health Information is disclosed to ChatGPT. However, when using this solution, it is necessary for the anonymizing … Read more

Settlement of Class Action Lawsuits by Gifted Healthcare and Presbyterian Healthcare Services

Settlement Offered to Settle Gifted Healthcare Data Breach Lawsuit Gifted Healthcare has offered to settle a class action lawsuit that claimed negligence for not implementing appropriate cybersecurity steps that resulted in a data breach. The nursing agency based in Metairie, … Read more

Password Guidelines and Recommendations

World Password Day is celebrated on the first Thursday of May. It was founded in 2013 with the objective of increasing awareness of the significance of using complex and unique passwords and implementing password guidelines to maintain the privacy and … Read more

PHI Exposed in Tennessee Eye Clinic Network, Somerset Dental Las Vegas and Catholic Medical Center Cyberattacks

BianLian Threat Group Attacks Tennessee Eye Clinic Network Politzer and Durocher, PLC, also called Optometric Physicians of Middle Tennessee (OPMT), submitted a hacking incident report to the HHS Office for Civil Rights that impacted the personal data and protected health … Read more

Orrick, Herrington & Sutcliffe Settles Lawsuit and Ernest Health’s Recent Lawsuit

Orrick, Herrington & Sutcliffe Pay $8 Million to Settle Class Action Data Breach Lawsuit The law agency Orrick, Herrington & Sutcliffe based in San Francisco, CA is paying $8 million to settle a class action lawsuit associated with a cyberattack … Read more

Planned Parenthood Los Angeles Settles Lawsuit and Children’s Healthcare of Atlanta Pixel-Related Lawsuit

Planned Parenthood Los Angeles Settles Class Action Data Breach Lawsuit for $6 Million Reproductive healthcare services provider Planned Parenthood Los Angeles located in Los Angeles County proposed a $6 million settlement to take care of all claims associated with a … Read more

How to Make Microsoft 365 HIPAA Compliant

The way to make Microsoft 365 HIPAA compliant so it can be used to create, receive, store, or transmit Protected Health Information is to subscribe to a plan that supports HIPAA compliance and configure each product or service within the … Read more

How to Make Google Workspace HIPAA Compliant

The way to make Google Workspace HIPAA compliant is to subscribe to a Workspace Plan that supports HIPAA compliance, agree to the terms of Google’s Business Associate Addendum, and configure the core services included in the Workspace plan to mitigate … Read more

Credential Harvesting Prevention and Alert Against Volt Typhoon Threat

HHS Offers Guidance on Credential Harvesting Mitigations The Health Sector Cybersecurity Coordination Center (HC3) has given a healthcare and public health (HPH) sector advisory regarding credential harvesting, a frequent tactic employed in cyberattacks on the HPH sector by online hackers. … Read more

Is Zelle HIPAA compliant? Defensorum.com

Does Zelle Need to be HIPAA Compliant?

Zelle does not need to be HIPAA compliant before covered entities can use the fund transfer service to collect payments from patients and plan members because of an exemption in HIPAA for payment processors. However, covered entities must ensure that, … Read more

Is IVY Pay HIPAA Compliant?

Is it Necessary for Ivy Pay to be HIPAA Compliant?

It is necessary for Ivy Pay to be HIPAA compliant if a healthcare provider who qualifies as a HIPAA covered or hybrid entity wants to use the payment processing software for functions that involve uses and disclosures of Protected Health … Read more

Reports of Cyberattacks and Data Breaches by Valley Oaks Health, Sycamore Rehabilitation Services, Humana Inc., and Jewish Home Lifecare

50,000-Record Data Breach at Valley Oaks Health, Indiana Valley Oaks Health based in Niles, IL recently informed 50,352 persons concerning a breach of its system environment. Unauthorized persons acquired access to sections of its system from June 8, 2023 to … Read more

HIPAA security audit requirements

HIPAA Security Audit Requirements

The HIPAA security audit requirements are that covered entities and business associates conduct a thorough assessment of the potential risks and vulnerabilities to the confidentiality, integrity, and availability of PHI and implement security measures sufficient to reduce risks and vulnerabilities … Read more

Unite Here Data Breach And Lurie Children’s Hospital Cyberattack

791,000 People Affected by UNITE HERE Data Breach The labor Union, UNITE HERE, located in New York has 300,000 working individuals all over the United States and Canada. It recently filed a breach report to the HHS’ Office for Civil … Read more

Does PayPal Need to be HIPAA Compliant to Accept Payments for Healthcare?

Does PayPal Need to be HIPAA Compliant to Accept Payments for Healthcare?

PayPal does not need to be HIPAA compliant to accept payments for healthcare due to an exemption in HIPAA that applies to all banks and financial institutions for payment processing. However, banks and financial institutions do need to be HIPAA … Read more

Email Account Breaches Reported by McKenzie County Healthcare System and Maryville Addiction Treatment Centers

Email Account Breach Reported by McKenzie County Healthcare System McKenzie County Healthcare System located in North Dakota has discovered unauthorized access to the email account of a staff member. The breach was discovered on or about October 5, 2023, and … Read more

Reported Data Breaches by Medical Management Resource Group, Prime Healthcare, AGC Flat Glass North America, and Aspen Dental

2.35M Patients Affected by Medical Management Resource Group Breach Medical Management Resource Group, LLC (MMRG), also called American Vision Partners, has confirmed in a breach notification letter sent to the HHS’ Office for Civil Rights that the protected health information … Read more

Data Brokers Should Be Held Responsible for Misusing Geolocation Information

U.S. Senator Ron Wyden (D-OR) wrote to the Securities and Exchange Commission (SEC) and the Federal Trade Commission (FTC) asking for action to secure people and investors from Near Intelligence Inc., a publicly owned data broker. Sen. Wyden began investigating … Read more

How does HIPAA compliance apply to healthcare administration firms?

Healthcare administration firms must adhere to HIPAA compliance, ensuring the confidentiality, integrity, and availability of PHI by implementing administrative, physical, and technical safeguards, thus mitigating risks of unauthorized access or disclosure and maintaining trust in the seamless operation of healthcare … Read more

How can a clinical research organization ensure HIPAA compliance?

To ensure Clinical Research Organization HIPAA compliance, a Clinical Research Organization must systematically safeguard PHI through robust encryption and access controls, provide regular training to employees on data privacy, implement stringent data security policies and procedures, conduct periodic risk assessments, … Read more

How does HIPAA compliance apply to population health management?

In the field of population health management, HIPAA compliance is an important as it mandates the safeguarding of patient data and confidentiality during the collection, analysis, and sharing of health information to improve community health outcomes, thus ensuring that population … Read more

How can a health informatics company ensure HIPAA compliance?

A health informatics company can ensure HIPAA compliance by implementing rigorous data protection protocols, conducting regular training sessions for employees on safeguarding patient information, continuously monitoring and updating their systems to prevent breaches, and collaborating with legal experts to ensure … Read more

How does HIPAA compliance apply to digital health interventions?

Digital health interventions HIPAA compliance is important because it ensures that digital platforms, applications, and tools involved in delivering healthcare services adhere to the stringent standards set by HIPAA to safeguard patient data and maintain confidentiality, integrity, and availability of … Read more

How can a personal care agency ensure HIPAA compliance?

A personal care agency can ensure HIPAA compliance by implementing rigorous data privacy and security measures, including training staff on the importance of protecting patient information, using encrypted communication and storage systems, conducting regular audits to identify and rectify potential … Read more

How to Assess Your Compliance with HIPAA Security Requirements?

Assessing your compliance with HIPAA security requirements involves conducting a comprehensive risk analysis to identify potential vulnerabilities in electronic protected health information (ePHI) handling, implementing necessary security measures to address identified risks, training staff on privacy and security policies, maintaining … Read more

How Do HIPAA Security Requirements Influence Healthcare IT Policies?

HIPAA security requirements influence healthcare IT policies by mandating the safeguarding of protected health information through the implementation of administrative, physical, and technical safeguards, which leads to the adoption of measures such as regular risk assessments, encryption protocols, access controls, … Read more

What are the Consequences of Non-Compliance with HIPAA Security Requirements?

The consequences of non-compliance with HIPAA security requirements can include substantial financial penalties, potential criminal charges with imprisonment, reputational damage to the organization, loss of patient trust, potential lawsuits, increased audit scrutiny, and the burden of implementing corrective action plans … Read more

How to Implement HIPAA Security Requirements in Your IT Infrastructure?

Implementing HIPAA security requirements in your IT infrastructure necessitates conducting a comprehensive risk analysis to identify vulnerabilities, adopting robust access controls, ensuring encrypted data storage and transmission, training staff on compliance measures, regularly auditing and updating policies and procedures, integrating … Read more

How Do HIPAA Security Requirements Affect Telehealth?

HIPAA security requirements profoundly impact telehealth by mandating safeguarding patient health information through encrypted communications, secure data storage, and strict access controls, ensuring the confidentiality of medical records during remote consultations and the integrity of health data transmissions between providers … Read more

What is the Role of Encryption in HIPAA Security Requirements?

Encryption plays a major role in the HIPAA Security Requirements as it safeguards Protected Health Information (PHI) during storage and transmission, thus mitigating risks of unauthorized access or breaches and enabling healthcare entities to ensure confidentiality, integrity, and availability of … Read more

How to Train Your Staff on HIPAA Security Requirements?

To train your staff on HIPAA security requirements, initiate a program that includes onboarding training for new hires, regular refreshers, providing clear patient data handling protocols, education on security threats like phishing, and fostering an open reporting environment. These sessions … Read more

How Do HIPAA Security Requirements Protect Patient Data?

HIPAA security requirements protect patient data by mandating a combination of administrative, physical, and technical safeguards, including risk assessments, access controls, encryption, regular audits, and personnel training, to ensure the confidentiality, integrity, and availability of protected health information (PHI) while … Read more

How to Ensure Your Practice Meets HIPAA Security Requirements?

Ensuring that your healthcare practice meets HIPAA security requirements is important, not just from a compliance perspective but also to uphold the trust and confidence of your patients. These requirements involve a combination of administrative, physical, and technical safeguards to … Read more

What are the HIPAA Security Requirements for Healthcare Providers?

The Health Insurance Portability and Accountability Act (HIPAA) requires healthcare providers to implement administrative, physical, and technical safeguards. Which include conducting risk assessments, ensuring data integrity and confidentiality, controlling access to protected health information (PHI), training employees, establishing contingency plans, … Read more

Does HIPAA apply after Death?

HIPAA continues to apply after a person’s death, ensuring the ongoing protection of sensitive health information, preserving the privacy and security of protected health information (PHI) beyond an individual’s lifetime, and establishing guidelines that govern the proper handling, disclosure, and retention of such information, thereby emphasizing the significance of maintaining confidentiality and integrity even in the post-mortem phase of an individual’s healthcare journey.

Why is HIPAA important to patients?

HIPAA is important for patients because it protects their sensitive health information, protects their privacy rights, fosters trust in healthcare providers, and gives them more control over their personal data, ultimately improving the quality of care and promoting patient-centricity in … Read more

Why does HIPAA benefit patients?

HIPAA benefits patients by safeguarding their privacy and security, empowering them with control over their health information, fostering trust in healthcare providers, promoting patient-centered care, and preserving the ethical principles of confidentiality and autonomy within the healthcare system. HIPAA plays … Read more

What are the benefits of HIPAA training?

The benefits of HIPAA training include improved understanding and compliance with privacy and security regulations, reduced risk of data breaches and costly penalties, enhanced protection of sensitive patient information, increased trust from patients and stakeholders, and the establishment of a … Read more

Why is HIPAA important for billing and coding?

HIPAA is important for billing and coding because it establishes strict regulations and safeguards to protect the privacy and security of patients’ health information, ensuring that medical billing and coding professionals keep sensitive data confidential and secure throughout the healthcare … Read more

What is HIPAA and why is it important?

HIPAA is a federal law that safeguards patients’ protected health information, promotes efficient healthcare transactions, ensures data security and privacy, fosters patient trust, and upholds ethical standards in the healthcare industry. HIPAA is a complete set of laws and standards … Read more

Ensuring Your Staff are Aware of the Threat Posed by Dark Web

There is a good chance that your workforce is unaware of the seriousness of the threat that your business faces from hackers, who use dark web sites and forums to sell and trade stolen data. Credentials are extremely valuable to … Read more

Is Bitwarden the Easiest Password Manager to Use?

Bitwarden is one of the most popular password managers on the market today and will be a strong contender for anyone wishing to add an additional level of security for their personal/business devices or network. Here we take a look … Read more

Is Bitwarden the Best Place to Store Passwords?

Bitwarden is one of the best password managers available, offering robust security and a great set of features for a very reasonable price, with impressive free tiers for individuals and even small businesses. It is safe to say that it … Read more