The HHS Office for Civil Rights (OCR) announced that it has fined Idaho State University (ISU) $400,000 for failing to protect patient information. The HHS Office for Civil Rights (OCR) opened an investigation after ISU notified HHS of the breach in which the ePHI of approximately 17,500 patients was unsecured for at least 10 months,...
Risk of owning a car If you take a step back and think of the risks of owning a car I think you would be shocked. Cars have associated risks that could significantly impact you and your family. Some of the risks include: The risk of being hurt or killed in a car accident The...
The below infographic provides good insight into common myths of HIPAA compliance for medical practices. Embedded from HIPPOmsg.com Thanks goes out to HIPPOmsg for putting the infographic together! [framed_box bgColor=”#ffd390″] We put together a free guide to help your compliance effort called: 5 simple and inexpensive tips to protect patient information [/framed_box]
There is a very good article over at HealthData Management called Want to Impress OCR During a HIPAA Audit? Write a Book The author discusses the benefits of creating a “Book of Evidence” that your organization is in HIPAA compliance if you were to get audited by the HHS Office of Civil Rights (OCR). Creating...
An article over at Healthcare IT News titled Get set: New HIPAA has teeth gives insight into the increased HIPAA enforcement that is looming. Diana Manos interviewed Jorge Rey, an associate principal and the director of information security and compliance for Kaufman, Rossin for the article. Rey provides some insight into some of the changes...
In an article over at Healthcare IT News, Philadelphia attorney Christopher Ezold gives some very good insight that organizations should not ignore HIPAA requirements. Ezold hits on many good points to drive this home: Ezold warns that while enforcement of PHI rules have been lax in the past, the Department of Health and Human Services...
The most dangerous HIPAA action you can do is very simple: DO NOTHING You may be under a false sense of security because none of these events have happened to your organizations: You haven’t had a HIPAA breach You haven’t received a HIPAA fine You didn’t need to use a Security Incident Response Plan You...
Having a Security Incident Response Plan (SIRP) will allow an organization to respond to a security incident. We define the steps of a SIRP here. An article over at Government Health IT has a question and answers segment that Leon Rodriguez, director of the Office of Civil Rights (OCR) at the Department of Health and Human Services...
Leon Rodriguez, director of the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) recently conducted an interview with HealthcareInfoSecurity. Click on the link to listen to the full interview. Rodriguez gave some valuable insight into OCR’s plans for 2013 and beyond as well as guidance that organizations should follow to protect...
Dom Nicastro over at HCPro gives insight into the status of the OCR audit program for 2013. Top OCR officials have made it clear the audit program will continue next year, says Mac McMillan, FHIMSS, CISM, cofounder and CEO of CynergisTek, Inc., in Austin, Texas. There will be more audits going forward; HITECH requires them,...
© 2025 · HIPAA Secure Now!
Recent Comments