Mutual Matters

Frequently Asked Questions on Privacy and Psychotherapy Notes

Posted by Dana N. Taylor, MHA, CPHRM, CPPS on Jan 17, 2019 12:30:00 PM

Psychotherapy notes receive special protection under the HIPAA Privacy Rule (“Privacy Rule”).  It is important for practices with behavioral health providers to ensure their staff understands the special protections provided to psychotherapy notes.

Read More

Topics: HIPAA and Cybersecurity

Notice of DEA Scam

Posted by Matthew Baker on Jan 10, 2019 11:40:00 AM

MagMutual PolicyOwners℠, along with many other healthcare providers, continue to be targeted by a particularly harrowing extortion scam. It begins with a phone call. Your caller ID reads: "Drug Enforcement Agency," or something equally similar and convincing. It already seems legitimate.

Read More

Topics: HIPAA and Cybersecurity

HIPAA Enforcement, Training Requirements, Tips, and Resources

Posted by Becky Lowman, MBA, RD, LD, CPHRM, CPPS on Dec 13, 2018 2:19:32 PM

In 2003, the Office of Civil Rights (OCR) began enforcing the HIPAA Privacy Rule. In 2009, OCR began enforcing the HIPAA Security Rule. Every year, there is a steady increase in the number of complaints received and investigated by the OCR. Since 2003, the OCR has received over 186,453 HIPAA complaints, initiated over 905 compliance reviews and resolved 96% of these cases. As a result of these HIPAA complaints, OCR has imposed civil monetary penalties on violators totaling $79 million.[1]

Read More

Topics: HIPAA and Cybersecurity

Health Apps: Convenience vs. Security Risks

Posted by Christopher E. Hoyme on May 31, 2018 12:19:24 PM

The pace of innovation in healthcare today has produced an amazing increase in the number of available mobile apps for health-related information. More than 300,000 healthcare apps are available online. These apps are developed and designed to fit within the “connected health model” which attempts to provide flexible and efficient healthcare services by using connected technology that offers better communication, access and diagnostic capabilities. Many healthcare professionals use mobile apps for immediate communication with their patients and more responsive healthcare management. In a nutshell, there is a “mad dash” to address the demand of providing more “real time” health data. In response to this innovation, the question then becomes whether healthcare providers can tap into the available technology of “connectivity” and still protect health and personally identifiable information.

Read More

Topics: HIPAA and Cybersecurity, Patient Care and Interaction

State Data Breach Notification Laws: Overview of the Patchwork

Posted by Carrie Lowe, JD on May 18, 2018 3:10:14 PM

By Joseph J. Lazzarotti, Jason C. Gavejian and Maya Atrakchi

Read More

Topics: HIPAA and Cybersecurity

HIPAA Breach Reporting Deadline is Almost Here

Posted by Emma Cecil, JD on Feb 22, 2018 1:00:00 PM

Healthcare providers and other HIPAA covered entities have until March 1, 2018 to report to the U.S. Department of Health & Human Services’ Office for Civil Rights (“OCR”) breaches involving fewer than 500 individuals that were discovered in the 2017 calendar year. Although covered entities must notify HHS of breaches involving 500 or more individuals within 60 days of the date the breach is discovered, breaches affecting fewer than 500 individuals may be documented in a breach log and reported on an annual basis. Covered entities who elect to report smaller breaches on an annual basis must make their submissions to HHS through the OCR online portal within 60 days after the end of the year in which the breaches were discovered, giving them a March 1, 2018 notification deadline.

Read More

Topics: HIPAA and Cybersecurity

A New Year Brings New Cyber Security Threats

Posted by Sanjay Narula on Feb 2, 2018 12:03:00 PM

R_DoctoriPad.jpgThere is never a dull moment in the world of cyber security.

In 2017:

  • WannaCry, Petya, Not Petya, became household names
  • 143 million personal records containing highly sensitive information leaked in a data breach at Equifax
  • Yahoo revealed that every single email account, (3 billion in total), were impacted by the 2013 data breach
  • Microsoft was compelled to release security patches for Windows XP and Windows server 2003 to mitigate risks presented by the EternalBlue exploits
Read More

Topics: HIPAA and Cybersecurity

Data Breach of Nearly 500,000 Health Records Reported in Sept. 2017

Posted by Michael Bertoncini, JD, Jackson Lewis on Jan 4, 2018 11:50:00 AM

A recent report indicates that nearly 500,000 individual health records were breached in September 2017. This figure is taken from the 39 healthcare data breaches involving more than 500 records that were reported to the Department of Health and Human Services’ Office for Civil Rights in September 2017. 

Read More

Topics: HIPAA and Cybersecurity

Subscribe to Email Updates

What other resources would you like us to provide?

Sharing Insight on Mutual Matters

As one of the leading mutual providers of Medical Professional Liability insurance, we're here to help all healthcare professionals with the challenges they face on a daily basis. The topics we cover include: 

  • Healthcare legislation updates
  • Patient safety guidance
  • Practice and hospital management advice
  • and more. 

Recent Posts