New HHS Rules, PHI, and Health Apps in the Age of COVID-19

Catherine Short converses with Rachel V. Rose, JD, MBA, principal with Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, on the topic of “New HHS Rules, PHI, and Health Apps in the Age of COVID-19.” On March 9, 2020, HHS announced the promulgation of two final rules - the ONC Final Rule and

Hardware Hacking: The Overlooked CyberCrime. Is Your Data Safe?

Catherine Short speaks with John Shegerian Cofounder and Executive Chairman of ERI the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States. Today, we are discussing “Hardware Hacking: The Overlooked CyberCrime. Is Your Data Safe?” Today, the recycling of electronics in the healthcare sector faces a

HIPAA and Health Apps

Catherine Short chats with Rachel V. Rose, JD, MBA, principal of Rachel V. Rose – Attorney at Law, P.L.L.C., Houston, TX, about the topic of “HIPAA and Health Apps.” As technology evolves and features are adopted by healthcare consumers, so does the need for either new regulations and/or guidance on existing regulations. This radio show

10 Ways PHI Can Be Leaked

Stealing identities is nothing new to the FBI but stolen protected health information (PHI) is a rapidly expanding industry on the black market. The ability to obtain healthcare services, government benefits and prescription pharmaceuticals are the main reasons that each medical record could sell for upwards of $60-70. Just a single cyberattack puts millions of

Meaningful Use Ends In 2016?

Due to the challenges of implementing Meaningful Use, it is unsurprising the Center for Medicare and Medicaid Service (CMS) is finally rethinking the plan.  The goal of Meaningful Use (MU) to achieve nationwide electronic health record (EHR) interoperability and ultimately improve overall healthcare remains intact. Until further details and a formal announcement, certain steps will

Individual’s Rights to Access PHI

An individual’s right to access their protected health information (PHI) should be nothing new to covered entities. In 1996, HIPAA Privacy Rule detailed an individual’s right to access PHI. As part of HITECH and the Final Omnibus Rule, modifications to the Privacy Rule have included additional requirements for covered entities and business associates. Unfortunately, recent

Deadline for Breach Reporting Coming Soon

As the end of the year approaches, keep in mind that all breaches of unsecured protected health information involving less than 500 individuals must be reported to the Secretary at the Department of Health and Human Services (HHS) within 60 days of the end of the calendar year. If the organization already reported a breach


The Office of the Inspector General (OIG) is responsible for protecting the integrity of the programs in Health and Human Services against fraud, waste and abuse as well as recommending improvements to the system that would promote efficiency and efficacy within the limits of the health care laws.   Although OIG oversight includes programs such as

Overview of a Corporate Integrity Agreement (CIA)

Health care fraud recoveries for fiscal years 2009- 2014 exceeded previous records with five straight years of more than $2 billion in annual recovery from cases involving fraud and false claims against federal health care programs such as Medicare and Medicaid.  Most healthcare providers are aware of significant civil liability due to recent enforcement. However,