HIPAA, the law requiring health care information to be kept private, applies to employers that (i) have 50 or more participants in their insured or self-funded medical plans or use a third-party administrator and (ii) provide payment for medical care. The U.S. Department of Health and Human Services Office for Civil Rights (OCR) listed four cases in which penalties were applied after health data was breached (e.g., a ransomware settlement). OCR recommends that health care providers, health plans, health care clearinghouses, and business associates covered by the HIPAA Security Rule take certain steps to prevent or mitigate cyber-threats. #Ideaoftheday


