Navigating the New HIPAA 2026 Requirements
The healthcare industry faces significant changes in 2026 around compliance, data protection, and financial stability including NPP updates and a major security overhaul.
Navigating the New HIPAA 2026 Requirements: Protecting Privacy, Security, and Financial Health
The healthcare industry is facing significant changes in 2026, and staying ahead of these updates is crucial for maintaining compliance, protecting patient data, and ensuring financial stability.
New HIPAA 2026 Requirements
A key HIPAA deadline is coming up on February 16, 2026 . By that date, covered entities and their business associates must update their Notice of Privacy Practices (NPP) to reflect recent federal changes tied largely to
Healthcare Data Breach Response: First 72 Hours
When a healthcare data breach occurs, the first 72 hours determine whether your organization faces minor remediation or catastrophic penalties. Here's your incident response playbook.
HIPAA Security 2025 Proposed Changes
Why HIPAA Security 2025 Proposed Changes Matter Right Now HIPAA Security 2025 Proposed Changes are coming, and they will change daily work for everyone.
HIPAA SRA: Don’t Risk Fines
HIPAA SRA: Don’t Risk Fines is more than a catchy title. It is a serious warning. Every healthcare organization that handles electronic patient data must complete a HIPAA Security Risk Analysis (SRA) each year.
Essential Year-End Deadlines
Essential Year-End Deadlines matter more than ever for healthcare organizations facing tighter rules, rising cyberattacks, and shrinking margins.
Drive Destruction: Is "Wiping" Enough for HIPAA?
The question: Is wiping a drive enough to protect patient information? is one every healthcare organization must ask. This topic, known as media sanitization , is critical for protecting sensitive patient data.
Navigating the Proposed 2025 HIPAA Changes:
Get ready! Proposed 2025 HIPAA changes are coming. They aim to strengthen how we protect patient health information. While these changes are not final, it's wise to start preparing now.
Spotting Phishing Scams in Healthcare
Cybercrime is a growing threat—especially in healthcare. Attackers use email, phone (vishing), and text (smishing) to trick people into sharing sensitive information.
Cadia HIPAA Settlement: A Lesson in Patient Privacy
Sharing good news feels great in healthcare. A patient's successful recovery is a story worth telling. However, a recent case highlights a major risk.
Debunking the Top 10 HIPAA Security Risk Analysis Myths
Protecting patient data is a top priority for any healthcare organization. A key step in this process is the HIPAA Security Risk Analysis (SRA) .
OCR HIPAA Audits: What They Ask For (and How to Be Ready)
When you hear “ OCR HIPAA Audits ,” you may think, “not me.” Yet audits hit groups of every size.
Business Associate Ransomware Investigation and Settlement
Business Associate Ransomware Investigation and Settlement isn’t just a headline—it’s the reality clinics and vendors face when ransomware strikes a partner that touches patient data. The case against BST & Co.
HIPAA 2025: PHI Sharing & Right of Access
HIPAA 2025: PHI Sharing & Right of Access just became easier to follow. On August 11, 2025, OCR updated its FAQs to help care teams share data for treatment and honor patient access rights.
Preparing for the 2025 HIPAA Security Changes
Preparing for the 2025 HIPAA Security Changes The 2025 HIPAA Security Changes are the most significant updates in over a decade.
HIPAA Business Associate Changes
Get ready for significant HIPAA business associate changes in 2025. The U.S. government is updating patient privacy rules under HIPAA.
Solara’s $3,000,000 Cybersecurity
Phishing attacks are one of the most common methods used by cybercriminals to gain unauthorized access to sensitive information.
HIPAA Violations in Nursing Homes
The consequences of HIPAA violations in nursing homes can be severe. For example, Lakeview Village , a Kansas-based nursing home, was fined $25,000 after a staff member inappropriately accessed the medical records of ove
$500K Ransomware Cybersecurity Incident Settlement
Plastic Surgery Associates of South Dakota in Sioux Falls recently settled with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) for $500,000 due to a ransomware cybersecurity breach.
New Bill Aims to Mandate Third-Party HIPAA Security Risk Analyses
In response to escalating threats in the healthcare sector, Senators Ron Wyden (D-Ore.) and Mark Warner (D-Va.) recently introduced the Health Infrastructure Security and Accountability Act.
Security Risk Analysis (SRA) Importance
I opened the doors of Taino Consultants a couple of decades ago with the intention of becoming a trusted source for healthcare professionals.
Ascension Healthcare Cyberattack: Challenges and Solutions
The cyber siege experienced by Ascension, a major healthcare provider in the United States, had significant ramifications for its operations and patient care.
Tracking Technologies and HIPAA
The healthcare sector has undergone a digital transformation, relying heavily on technology to enhance efficiency and patient care.
Don't Overlook These Potential HIPAA Violation Hotspots: Unveiling Hidden ePHI Storage Equipment
In the digital age, safeguarding electronic Protected Health Information (ePHI) is paramount for healthcare organizations.
Don't Overlook These Business Associates: The Hidden Risks to HIPAA Compliance
In the complex web of healthcare data management, Covered Entities (CEs) must not only safeguard their own systems but also those of their Business Associates (BAs).
Protecting Patient Privacy: OCR’s Response to the Change Healthcare Cybersecurity Incident
In recent years, the intersection of healthcare and cybersecurity has become increasingly fraught with peril.
Insider Cybersecurity Breach Costs Hospital $4.75 Million
The U.S. Department of Health and Human Services (HHS) recently settled a cybersecurity case with Montefiore Medical Center, a hospital in New York City, for a staggering $4.75 million.
STOP Ransomware
The US Government has escalated their war against ransomware by creating a new website that specializes in this subject. Ina news release on July 15, 2021 they provided the following information: "The U.S.
<strong>COVID 19 and Cybersecurity</strong>
COVID 19 devastation effects have not been limited to the loss of life. In fact, during the last couple of years, the FBI has been warning healthcare professionals of cybercrime and the increased focus on healthcare orga
Security Risk Analysis Requirements
Have you completed your Security Risk Analysis (SRA) for Calendar Year 2020? That is a common question we ask our customers and occasionally the answer is: do we have to conduct an SRA every year? The Department of Healt
Aetna pays $1million in fines
“ Aetna's failure to follow the HIPAA Rules resulted in three breaches in a six-month period, leading to this million-dollar settlement," said Office for Civil Rights (OCR) Director Roger Severino.
Healthcare and Cybercrime
The Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) are warning U.S. hospitals and healthcare providers of an increase and imminent cybercrime threat to them.
HIPAA enforcement
“Not Me” . Premera Blue Cross will pay $6.84 million and Athens Orthopedics will pay $1.5 million-dollar. The key phrase we found on these and other cases was “systemic noncompliance with the HIPAA Rules”.
Security Risk Assessment (SRA) and COVID 19
The Office for Civil Rights (OCR) at the HHS announced that it will not impose penalties for noncompliance with HIPAA Privacy, Security, and Breach Notification Rules regarding the good faith provision of telehealth duri
Cybertools
It is evident that cybercrime is not going away. If anything and based on the Federal Bureau of Investigations (FBI) Internet Crime Complaint Center (IC3): “The last calendar year (2019) saw both the highest number of co