Image of shield with keyhole.

2 min read

Xactus LLC reports data breach

Xactus LLC recently disclosed a data breach affecting consumers’ personal information after an unauthorized party gained access to a company email account.

Read More
Image of two people talking and looking at paperwork. A gavel is also pictured.

2 min read

Are law firms business associates?

Law firms can be considered business associates under HIPAA if they perform functions or services on behalf of a covered entity that involves the use...

Read More
Image of two people's hands shaking.

2 min read

What is the difference between a business associate and a vendor?

A business associate is a person or entity that performs services or functions on behalf of a covered entity that involves the use or disclosure of...

Read More
Image of blue shield with lock in it.

2 min read

Do business associates need to have a HIPAA compliance officer?

Business associates are not explicitly required by HIPAA to have a designated HIPAA compliance officer like covered entities. However, having a...

Read More
Image of person in a hoody at a computer.

1 min read

Included Health Inc. data breach exposes sensitive patient information

Included Health, Inc. reported a data breach on February 13, 2025, exposing sensitive patient information, including names and medical records.

Read More
Image of stethoscope and cell phone.

1 min read

Are e-consultants covered entities?

The classification of e-consults under HIPAA depends on how they function within the healthcare organization. E-consults involved in direct patient...

Read More
Image of hacker on a computer.

2 min read

New phishing kit bypasses two-factor authentication

SlashNet has discovered a phishing kit that bypasses the two-factor authentication (2FA) of popular services like Google’s Gmail and Microsoft 365.

Read More
Is Postmark HIPAA compliant? (2025 update)

1 min read

Is Postmark HIPAA compliant? (2025 update)

Based on our research, Postmark is not HIPAA compliant because it does not meet the requirements set by the U.S. Department of Health and Human...

Read More
phone with stethoscope

1 min read

HIPAA compliance for e-visits

Yes, e-visits must be HIPAA compliant if they involve the exchange of protected health information (PHI) between a patient and a covered entity.

Read More
hubspot logo

1 min read

Is HubSpot HIPAA compliant? (2025 update)

Based on our research, HubSpot is not HIPAA compliant because it does not meet the requirements set by the U.S. Department of Health and Human...

Read More
sonic logo

1 min read

Is Sonic email HIPAA compliant? (2025 update)

Based on our research, Sonic email is not HIPAA compliant because it does not meet the requirements set by the U.S. Department of Health and Human...

Read More
citrix logo

1 min read

Is Citrix Sharefile HIPAA compliant? (2025 update)

Based on our research, Citrix Sharefile is HIPAA compliant because it meets the requirements set by the U.S. Department of Health and Human Services...

Read More
Image of two people in suits shaking hands.

1 min read

Are healthcare data analytics companies business associates?

Healthcare data analytics companies can be considered business associates under HIPAA, but it depends on the nature of their work and their...

Read More