What Keeps You Up at Night?

HIPAA is challenging, and the downside risks can be a little scary. HiPAA HUB knows how to identify, address, and monitor your exposure so your team can focus on your core business. HiPAA HUB provides smart & timely solutions to make your organization compliant with HIPAA. 


HiPAA HUB serves all of your health information privacy and security needs.


  • All Healthcare: Hospitals, Providers, Payers & Business Associates.


  • All Sizes: Large, Medium & Smaller businesses.


  • All Service Levels: HiPAA HUB On CallTM access and Privacy & Security services.
Learn more about HiPAA HUB, LLC.
Turn your HiPAA program into a competitive advantage.

Latest Top (4) News

HHS Takes Action as Part of President Trump’s Healthcare Plan

On Thursday, President Trump unveiled his America First healthcare plan, signing an executive order to deliver Americans better care, lower costs, and more choice, continuing the work that HHS has been doing under his leadership.

“The President’s plan delivers better care, more choice, and lower costs for all Americans,” said HHS Secretary Alex Azar. “Because of the President’s leadership, Americans will enjoy lower drug costs, lower insurance premiums, real access to prices of healthcare services and to their medical records, new protections from surprise bills, and the ability to work with their doctor to determine what treatments make sense for them.”

As part of the President’s plan, on Thursday, HHS:

  • Issued a final rule and guidance from the Food and Drug Administration to open the first-ever pathway for states to use to safely import prescription drugs to lower patients drug costs.  
  • Solicited private-sector proposals, as called for in the President’s July executive order, on allowing Americans to get lower-cost FDA-approved drugs and insulins from American pharmacies via importation and reimportation.
  • Released the 2021 Medicare Advantage and Medicare Part D Premium landscape, showing that average 2021 premiums for Medicare Advantage plans are expected to decline 34.2 percent from 2017 while plan choice, benefits, and enrollment continue to increase, and that Part D premiums will be down 12 percent from 2017, with over 1,600 drug plans offering insulin at no more than $35 per month.
  • Issued a notice of proposed rulemaking from the Health Resources and Services Administration to pass on steep discounts at community health centers on insulin and epinephrine to Americans who are uninsured or have high cost-sharing, including the nearly 3 million health center patients with diabetes.

For more information about the Requests for Proposal Regarding Waivers for Individual Prescription Drug Importation Programs, visit here.

For more information about the Request for Proposals Regarding Insulin Reimportation Programs, visit here.  

Thu, 24 Sep 2020 18:45:00 -0400

Administration Announces $200 million from CDC to Jurisdictions for COVID-19 Vaccine Preparedness

The Department of Health and Human Services (HHS) is announcing upcoming action by the Centers for Disease Control and Prevention (CDC) to provide $200 million to jurisdictions for COVID-19 vaccine preparedness.

Funding from the Coronavirus Aid, Relief, and Economic Security Act (CARES) will provide critical infrastructure support to existing grantees through CDC’s immunization cooperative agreement. CDC is awarding $200 million to 64 jurisdictions through the existing Immunizations and Vaccines for Children cooperative agreement. These funds, along with the previous support CDC has provided, will help states prepare for the COVID-19 vaccine.

“By building on close partnerships with the states and other jurisdictions we have worked with for years on vaccination programs, we have the ability to begin distributing and administering safe and effective COVID-19 vaccines as soon as they are authorized and available,” said HHS Secretary Alex Azar. “With these $200 million in new funds, jurisdictions can develop and update plans for the eventual distribution and administration of the safe and effective vaccines that will help bring this pandemic to an end. The federal government, including experts from CDC and the Department of Defense, is ready to assist where necessary.”

“CDC has worked for decades with state and local jurisdictions to deliver tens of millions of doses of vaccine every year” said CDC Director Robert Redfield. “CDC is working closely with these jurisdictions to refine and update vaccination plans in preparation for the upcoming COVID-19 vaccine program.”

Notices of Awards will be issued on September 23, 2020, and all 64 jurisdictions will receive funding, with the amount each jurisdiction receives determined by a population-based formula.

The funding is intended for jurisdictions to plan for and implement COVID-19 vaccination services.

For more information about CDC’s ongoing support to States, please visit this CDC website: https://www.cdc.gov/coronavirus/2019-ncov/downloads/php/funding-update.pdf

Wed, 23 Sep 2020 21:15:00 -0400

HIPAA Business Associate Pays $2.3 Million to Settle Breach Affecting Protected Health Information of Over 6 million Individuals

CHSPSC LLC, (“CHSPSC”) has agreed to pay $2,300,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules related to a breach affecting over six million people. CHSPSC provides a variety of business associate services, including IT and health information management, to hospitals and physician clinics indirectly owned by Community Health Systems, Inc., in Franklin, Tennessee. 

In April 2014, the Federal Bureau of Investigation (FBI) notified CHSPSC that it had traced a cyberhacking group’s advanced persistent threat to CHSPSC’s information system. Despite this notice, the hackers continued to access and exfiltrate the protected health information (PHI) of 6,121,158 individuals until August 2014. The hackers used compromised administrative credentials to remotely access CHSPSC’s information system through its virtual private network. 

OCR ‘s investigation found longstanding, systemic noncompliance with the HIPAA Security Rule including failure to conduct a risk analysis, and failures to implement information system activity review, security incident procedures, and access controls.

“The health care industry is a known target for hackers and cyberthieves. The failure to implement the security protections required by the HIPAA Rules, especially after being notified by the FBI of a potential breach, is inexcusable,” said OCR Director Roger Severino.

In addition to the monetary settlement, CHSPSC has agreed to a robust corrective action plan that includes two years of monitoring. The resolution agreement and corrective action plan may be found at https://www.hhs.govhttps://www.hhs.gov/sites/default/files/chspsc-ra-cap.pdf.

Wed, 23 Sep 2020 12:00:00 -0400

HHS Announces Health IT Awardees Focused on Data Sharing to Support Clinical Care, Research, and Improved Outcomes

The U.S. Department of Health and Human Services' (HHS) Office of the National Coordinator for Health Information Technology (ONC) today announced four awards totaling more than $2.7 million under the Leading Edge Acceleration Projects in Health Information Technology (LEAP in Health IT) funding opportunity. The LEAP in Health IT awardees will address fast-emerging challenges in interoperable health information technology (health IT), thus advancing opportunities for the adoption and use of health IT standards across the health care ecosystem.

The four new LEAP in Health IT awardees will address development and testing for data sharing functionalities to support clinical care, research, and improved outcomes. The 2020 special emphasis notice for LEAP in Health IT solicited applications focused on three areas of interest: (1) advancing registry infrastructure for a modern application programming interface-based health IT ecosystem; (2) cutting edge health IT tools for scaling health research; and (3) integrating healthcare and human services data to support improved outcomes.

"The LEAP program was created to bring future-focused outcomes closer to the present. This third cohort will inform the implementation and refinement of standards, methods, and innovative techniques to create breakthroughs in how we approach health care and research," said Steve Posnack, deputy national coordinator for health IT.

The 2020 awardees are:

Area 1: Chesapeake Regional Information System for our Patients, Inc. (CRISP) – Development and Testing Data Sharing Functionality for Health System Participating in the National Cardiovascular Disease Registries of the American College of Cardiology

  • CRISP, in partnership with the American College of Cardiology (ACC), will advance the health IT ecosystem through the accelerated adoption of modern standards - such as FHIR – both in the acquisition of clinical data for registry submission as well as the subsequent use of clinical data to improve care decisions.

Area 2: MedStar Health Research Institute – FHIR Factories: An Evolving Digital Architecture to Scale Health Research

  • MedStar, with their collaborators from Georgetown University's Innovation Center for Biomedical Informatics (ICBI), the American College of Emergency Physicians (ACEP), HealthLab, and Asymmetrik, aims to better understand the current state of open source, health IT tools. Specifically, the proposed project will demonstrate use of individual bulk FHIR data extraction to support needed research functionality.

Area 2: Children's Hospital Corporation – Cumulus: A Universal Research Sidecar for a SMART Learning Healthcare System

  • The Children's Hospital Corporation in collaboration with Yale University and Yale-New Haven Health, will develop a FHIR-based platform that leverages bulk data to support an ecosystem for research and learning. Tools to be developed and tested will allow users to annotate FHIR-bulk data for analytics, de-identify data, and query cohorts.

Area 3: Missouri Department of Mental Health (DMH), Division of Developmental Disabilities – Integrating Standardized Data to Advance Person-Centered Planning, Outcomes, and Value Based Payment Models Project

  • The Missouri Department of Mental Health (DMH), Division of Developmental Disabilities (DD), in partnership with their stakeholders, will help DMH/DD advance their value-based payment (VBP) model with foundational technical infrastructure that will integrate structured components to support person-centered planning, reporting, population health, and data sharing across health care and home and community based services (HCBS) providers for individuals with intellectual and developmental disabilities, while testing and adopting the electronic long-term services and support (eLTSS) standard.

Wed, 23 Sep 2020 11:00:00 -0400