07/15/2015

The Latest HIPAA Settlement Is Eye-Catching

by ZixCorp


On Monday, Joseph Conn published an article for Modern Healthcare highlighting a recent HIPAA settlement between St. Elizabeth's Medical Center and the Office for Civil Rights (OCR), which, as most of you know, enforces the HIPAA Privacy Rule. Settlements with the OCR and breaches on its “Wall of Shame” are so frequent that it’s easy to ignore the latest news, but this particular article caught our eye when reporting:

[Image: Modern Healthcare article snapshot: St. Elizabeth's Medical Center will pay settlement in HIPAA breach]

  1. The settlement involved “a relatively rare enforcement area, Internet-based file-sharing services”
  2. Insight from Adam Greene, a well-known privacy lawyer, who said, “you're going to have to have a business associate agreement (BAA) with any cloud-based (service) providers.”
  3. The violations came to light after complaints from the medical center’s own employee base

Often organizations have to account for employees as a weak link in their security and compliance strategy. We understand why; mistakes happen, as we ourselves pointed out in Monday’s data loss prevention blog. However, this article serves as a great reminder that, interestingly enough, employees are also an organization’s greatest asset. Not only are employees critical to the success of quality care and daily operations, they can also be your eyes and ears to ensure security and compliance are meeting your standards day in and day out. After all, you spend valuable resources and time training employees on the appropriate policies and procedures; put that training to even greater use by leveraging employee feedback on what’s working and where you need to fill holes.

Now, turning our attention to the other two highlights – the “rare enforcement area” of Internet-based file-sharing services and the BAA with any cloud-based (service) providers – we would be remiss if we didn’t offer a quick and selfish reminder that Zix is the leader in protecting the most popular file-sharing method (aka email) and, unlike many email encryption competitors, will sign a BAA. We’ve signed several hundred so far and are happy to work with you to provide this extra layer of assurance.

Posted: 7/15/2015 by Global Administrator
Filed under: Breach, compliance, data, Healthcare, HIPAA, loss, prevention

