Regular email, without some form of added security such as encryption, is not secure.  By that we mean when you use Outlook or Gmail to send an email to another person, unless you have deliberately added a layer of security (e.g., encryption and/or password protection), that email is not secure. Email was not designed with […]

Last week we told you about the $2.5 million laptop.  What if we told you that fine could have been avoided with one, simple step?  That’s right there would have been no data breach and no $2.5 million fine if the stolen laptop had been encrypted. In this post, we’ll discuss encryption basics, including how […]

In April 2017, the U.S. Department of Health and Human Services (“HHS”) announced yet another HIPAA settlement agreement with a health care provider relating to a stolen mobile device containing Protected Health Information (“PHI”).  As part of this settlement agreement, CardioNet agreed to pay $2.5 million and implement a corrective action plan resulting from the […]

For those of you who follow this blog, one thing will become evident over time: one of my co-authors, Tim Gutwald, and I frequently blog about HIPAA-related privacy issues.  That’s because both of our practices include a fair amount of HIPAA work.  And, one tends to write about what they are passionate about (to the […]

The use of third-party cloud service providers is becoming increasingly popular in today’s business environment, including those covered by HIPAA.