Jove
Visualize
Contact Us
JoVE
x logofacebook logolinkedin logoyoutube logo
ABOUT JoVE
OverviewLeadershipBlogJoVE Help Center
AUTHORS
Publishing ProcessEditorial BoardScope & PoliciesPeer ReviewFAQSubmit
LIBRARIANS
TestimonialsSubscriptionsAccessResourcesLibrary Advisory BoardFAQ
RESEARCH
JoVE JournalMethods CollectionsJoVE Encyclopedia of ExperimentsArchive
EDUCATION
JoVE CoreJoVE BusinessJoVE Science EducationJoVE Lab ManualFaculty Resource CenterFaculty Site
Terms & Conditions of Use
Privacy Policy
Policies

Related Experiment Videos

Mitigating Cybersecurity Risks.

Rachel V Rose, Joseph S Kass

    Continuum (Minneapolis, Minn.)
    |April 5, 2017
    PubMed
    Summary
    This summary is machine-generated.

    Healthcare cybersecurity is critical for HIPAA and HITECH Act compliance. A neurology practice faced potential penalties due to inadequate cybersecurity measures and staff training, highlighting risks of data breaches and non-compliance.

    Related Concept Videos

    You might also read

    Related Articles

    Articles linked to this work by shared authors, journal, and citation graph.

    Sort by
    Same author

    Legal Liability in Neurology: Navigating Malpractice and Regulatory Compliance.

    Seminars in neurology·2025
    Same author

    Navigating Federal and State Laws Regarding the Prescription of Opioids.

    Continuum (Minneapolis, Minn.)·2024
    Same author

    A Guide for Aspiring Neurology Educators.

    Annals of neurology·2024
    Same author

    Protecting Privacy: Health Insurance Portability and Accountability Act of 1996, Twenty-First Century Cures Act, and Social Media.

    Neurologic clinics·2023
    Same author

    False Claims Act and Anti-Kickback Statute: Avoiding Legal Landmines.

    Neurologic clinics·2023
    Same author

    Medicolegal and Ethical Issues in Neurology.

    Neurologic clinics·2023
    Same journal

    Key Considerations in Telestroke Program Management.

    Continuum (Minneapolis, Minn.)·2026
    Same journal

    Neurology's Action Potential: Delivering on the Promise of Brain Health.

    Continuum (Minneapolis, Minn.)·2026
    Same journal

    Erratum.

    Continuum (Minneapolis, Minn.)·2026
    Same journal

    Management of Large Artery Atherosclerosis.

    Continuum (Minneapolis, Minn.)·2026
    Same journal

    Thrombolysis, Thrombectomy, and Antithrombotic Therapy for Acute Ischemic Stroke.

    Continuum (Minneapolis, Minn.)·2026
    Same journal

    Stroke in Children and Younger Adults.

    Continuum (Minneapolis, Minn.)·2026
    See all related articles

    Area of Science:

    • Healthcare Law
    • Information Security
    • Medical Practice Management

    Background:

    • Increasing government enforcement focus on cybersecurity and its impact on HIPAA and HITECH Act compliance.
    • Specific case: A neurology practice exhibited multiple security vulnerabilities, including audible patient discussions and visible computer screens.
    • Malware infection and lack of staff cybersecurity training were identified issues within the practice.

    Purpose of the Study:

    • To analyze potential adverse audit outcomes and penalties for a healthcare practice with identified HIPAA and HITECH Act compliance gaps.
    • To determine legal mandates for responding to ransomware attacks in healthcare settings.

    Main Methods:

    • Case study analysis of a neurology practice's cybersecurity and compliance failures.

    Related Experiment Videos

  • Review of HIPAA and HITECH Act requirements regarding technical, administrative, and physical safeguards.
  • Examination of legal responses to cybersecurity incidents, specifically ransomware attacks.
  • Main Results:

    • Identified significant gaps in technical, administrative, and physical safeguards, increasing the risk of non-compliance.
    • Highlighted the practice's lack of preparedness for cybersecurity threats like malware and ransomware.
    • The described scenario poses a substantial risk for adverse findings in the HIPAA Audit Program.

    Conclusions:

    • Failure to address cybersecurity vulnerabilities can lead to severe penalties under HIPAA and HITECH.
    • Healthcare practices must implement comprehensive cybersecurity training and robust technical/physical safeguards.
    • Clear legal protocols are necessary for responding effectively to ransomware attacks to ensure patient data protection and compliance.