Loading

What Keeps You Up at Night?

HIPAA is challenging, and the downside risks can be a little scary. HiPAA HUB knows how to identify, address, and monitor your exposure so your team can focus on your core business. HiPAA HUB provides smart & timely solutions to make your organization compliant with HIPAA. 

 

HiPAA HUB serves all of your health information privacy and security needs.

 

  • All Healthcare: Hospitals, Providers, Payers & Business Associates.

 

  • All Sizes: Large, Medium & Smaller businesses.

 

  • All Service Levels: HiPAA HUB On CallTM access and Privacy & Security services.
 
Learn more about HiPAA HUB, LLC.
 
.
Turn your HiPAA program into a competitive advantage.

Latest Top (4) News


Readout of Secretary Azar’s Community Pharmacy and Patient Roundtable in Pittsburgh

Today, Health and Human Services Secretary Alex Azar and Centers for Medicare & Medicaid Services Chief of Staff Paul Mango traveled to Pittsburgh, Pennsylvania to participate in a roundtable discussion at Spartan Pharmacy. The discussion included community pharmacists and their senior patients and covered the legislation recently signed by President Trump banning pharmacy gag clauses.

This significant bipartisan achievement is one of many actions the Trump administration has taken since the President rolled out the American Patients First Blueprint to Lower Drug Prices and Reduce Out-of-Pocket Costs. Pharmacists can now always inform patients when it’s possible to pay less out of pocket for prescription drugs, in both private insurance plans and in Medicare prescription drug plans.

At the roundtable, Secretary Azar stressed the importance of patients’ asking their pharmacists if they are getting the best deal on the prescription drugs they need. He listened to the participants’ healthcare concerns and their ideas to lower prescription drug prices. Secretary Azar concluded the roundtable by thanking the participants for the robust discussion and voiced his and President Trump’s commitment to lower healthcare and prescription drug costs for American patients.

Secretary Azar’s Community Pharmacy and Patient Roundtable

To read Secretary Azar’s full statement on the legislation banning pharmacy gag clauses, please visit: https://www.hhs.gov/about/news/2018/10/10/hhs-secretary-azar-praises-results-of-president-trumps-leadership-on-drug-pricing.html



Friday, October 12, 2018 - 21:30


HHS Secretary Azar Comments on Drug Industry Price Transparency Announcement

Health and Human Services Secretary Alex Azar issued the following statement regarding pharmaceutical companies’ announcement that they would be providing access to more information on drug prices:

“Patient empowerment and transparency are at the core of the President’s drug-pricing blueprint that was released five months ago. Our vision for a new, more transparent drug-pricing system does not rely on voluntary action. The drug industry remains resistant to providing real transparency around their prices, including the sky-high list prices that many patients pay. So while the pharmaceutical industry’s action today is a small step in the right direction, we will go further and continue to implement the President’s blueprint to deliver new transparency and put American patients first. “ 



Monday, October 15, 2018 - 12:00


What You Need to Know about Putting Drug Prices in TV Ads

“If we want to have a real market for drugs, why not have [companies] disclose their prices in the ads, too? Consumers would have much more balanced information, and companies would have a very different set of incentives for setting their prices.” – HHS Secretary Alex Azar

In May 2018, President Trump and Secretary Azar introduced the American Patients First blueprint to bring down prescription drug prices.

  • The blueprint laid out four strategies for solving the problems patients face: boosting competition, enhancing negotiation, creating incentives for lower list prices, and bringing down out-of-pocket costs.
  • To create better incentives for list prices, the blueprint called for HHS to consider requiring the inclusion of list prices in direct-to-consumer advertising.

Right now, drug companies are required to disclose the major side effects a drug can have—but not the effect that buying the drug could have on your wallet. Patients deserve more transparency.

HHS is now proposing to require that TV ads for prescription drugs include their list price.

  • The proposal will require direct-to-consumer television advertisements for prescription drug and biological products paid for by Medicare or Medicaid to include the list price if the list price—the Wholesale Acquisition Cost—is greater than $35 for a month’s supply or the usual course of therapy, with the prices updated quarterly.
  • The 10 most commonly advertised drugs have list prices ranging from $535 to $11,000 per month or usual course of therapy.

Many patients either pay list price or pay prices calculated based on list price.

  • 47 percent of Americans have high-deductible health plans, under which they often pay the list price of a drug until their insurance kicks in.
  • All seniors on Medicare Part D have coinsurance for certain types of drugs, which means their out-of-pocket expenses are calculated as a share of list price.
  • List prices are also what patients pay if a drug is not on their insurance formulary, and list prices help determine insurance plans’ placement of drugs on their formulary.

HHS is exploring additional ways to improve drug price transparency and inform consumer decision-making.

  • As Secretary Azar has said, “You ought to know how much a drug costs and how much it’s going to cost you, long before you get to the pharmacy counter or get the bill in the mail.”
  • Another area in need of more transparency, as laid out in the blueprint, is the opaque system of rebates, which drive list prices up and do not fully benefit patients.


Monday, October 15, 2018 - 14:30


Anthem Pays OCR $16 Million in Record HIPAA Settlement Following Largest U.S. Health Data Breach in History

Anthem, Inc. has agreed to pay $16 million to the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules after a series of cyberattacks led to the largest U.S. health data breach in history and exposed the electronic protected health information of almost 79 million people.

The $16 million settlement eclipses the previous high of $5.55 million paid to OCR in 2016.

Anthem is an independent licensee of the Blue Cross and Blue Shield Association operating throughout the United States and is one of the nation’s largest health benefits companies, providing medical care coverage to one in eight Americans through its affiliated health plans.  This breach affected electronic protected health information (ePHI) that Anthem, Inc. maintained for its affiliated health plans and any other covered entity health plans.

On March 13, 2015, Anthem filed a breach report with the HHS Office for Civil Rights detailing that, on January 29, 2015, they discovered cyber-attackers had gained access to their IT system via an undetected continuous and targeted cyberattack for the apparent purpose of extracting data, otherwise known as an advanced persistent threat attack.  After filing their breach report, Anthem discovered cyber-attackers had infiltrated their system through spear phishing emails sent to an Anthem subsidiary after at least one employee responded to the malicious email and opened the door to further attacks. OCR’s investigation revealed that between December 2, 2014 and January 27, 2015, the cyber-attackers stole the ePHI of almost 79 million individuals, including names, social security numbers, medical identification numbers, addresses, dates of birth, email addresses, and employment information.

“The largest health data breach in U.S. history fully merits the largest HIPAA settlement in history,” said OCR Director Roger Severino.  “Unfortunately, Anthem failed to implement appropriate measures for detecting hackers who had gained access to their system to harvest passwords and steal people’s private information.” Director Severino continued, “We know that large health care entities are attractive targets for hackers, which is why they are expected to have strong password policies and to monitor and respond to security incidents in a timely fashion or risk enforcement by OCR.”

In addition to the impermissible disclosure of ePHI, OCR’s investigation revealed that Anthem failed to conduct an enterprise-wide risk analysis, had insufficient procedures to regularly review information system activity, failed to identify and respond to suspected or known security incidents, and failed to implement adequate minimum access controls to prevent the cyber-attackers from accessing sensitive ePHI, beginning as early as February 18, 2014.

In addition to the $16 million settlement, Anthem will undertake a robust corrective action plan to comply with the HIPAA Rules.  The resolution agreement and corrective action plan may be found on the OCR website at http://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/anthem/index.html.



Monday, October 15, 2018 - 14:45