Ransomware Resources for HIPAA Regulated Entities

Ransomware attacks on health care organizations are a growing threat, so the HHS Office for Civil Rights (OCR) shared with us the following information to ensure that HIPAA regulated entities are aware of the resources available to assist in preventing, detecting, and mitigating breaches of unsecured protected health information caused by hacking and ransomware. HHS…

Webinar on Enhancements to HHS Security Risk Assessment Tool

The Office of the National Coordinator for Health Information Technology (ONC) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services are hosting a new webinar for users of the Security Risk Assessment Tool. Learn about the SRA Tool and how it can be used at your organization, hear…

Cyber Alert: Updates on Ransomware and Critical VMware Vulnerability

The Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology has released a memo titled “What We Urge You To Do To Protect Against The Threat of Ransomware.”  This memo addresses the growing number and size of ransomware incidents and calls upon government and private sector to take steps…

New Legal Guidance and Resources to Expand Access to COVID-19 Vaccines for Elderly & Disabled

The Office for Civil Rights (OCR), the Administration for Community Living (ACL), and the Office of the Assistant Secretary for Planning and Evaluation (ASPE) at the U.S. Department of Health and Human Services (HHS) have published several new resources to help states, vaccination providers, and others leading COVID-19 response activities improve access to vaccines for…

Cyber Alert: Mitigating Microsoft Exchange Server Vulnerabilities

The Office for Civil Rights (OCR) of the Department of Health & Human Services (HHS) is sharing the following Updated Alert on Mitigating Microsoft Exchange Vulnerabilities to assist HIPAA-covered entities and their business associates in addressing serious threats to Microsoft Exchange servers.  Organizations are encouraged to review the information below and take appropriate action. The…

Surveyors to Enforce CDC Guidance for the 2019 Coronavirus

The Centers for Medicare & Medicaid Services (CMS) has issued a letter to surveyors that addresses infection control adherence for health care facilities related to the 2019 Novel Coronavirus (2019-nCoV), and reminds surveyors that providers must consider emerging infectious diseases in their emergency preparedness plans. The letter includes interim guidance issued by the Centers for…

New HHS Fact Sheet on Direct Liability of Business Associates under HIPAA

The Health and Human Services (HHS) Office for Civil Rights (OCR) has issued a new fact sheet that provides a clear compilation of all provisions through which a business associate can be held directly liable for compliance with certain requirements of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (“HIPAA Rules”), in accordance with…