An article over at Healthcare IT News titled Get set: New HIPAA has teeth gives insight into the increased HIPAA enforcement that is looming. Diana Manos interviewed Jorge Rey, an associate principal and the director of information security and compliance for Kaufman, Rossin for the article. Rey provides some insight into some of the changes...
I came across an article on HIStalk Practice that describes exactly what happens when a laptop containing patient information is stolen from an employee’s car. The stolen laptop cost the company around $300,000. An analysis and breakdown of the costs are provided in the article. A few things to note about the article: The article...
There is lots of buzz about the changes to Business Associates under the new HIPAA Omnibus Rule. Let’s take a look at some of the items that both Covered Entities (CE) and Business Associates (BA) should know about the new HIPAA changes. Who are Business Associates? The definition of Business Associates for the most part...
The HHS Office for Civil Rights (OCR) has fined the Hospice of North Idaho (HONI) $50,000 for a breach resulting from a stolen laptop. What makes this unique is it represents the first time an organization has been fined for a breach of less than 500 patients. We will take a look at the details...
In an article over at Healthcare IT News, Philadelphia attorney Christopher Ezold gives some very good insight that organizations should not ignore HIPAA requirements. Ezold hits on many good points to drive this home: Ezold warns that while enforcement of PHI rules have been lax in the past, the Department of Health and Human Services...
The most dangerous HIPAA action you can do is very simple: DO NOTHING You may be under a false sense of security because none of these events have happened to your organizations: You haven’t had a HIPAA breach You haven’t received a HIPAA fine You didn’t need to use a Security Incident Response Plan You...
The Washington Post published a report that is highly critical of the security of patient information in the healthcare industry. A year-long examination of cybersecurity by The Washington Post has found that health care is among the most vulnerable industries in the country, in part because it lags behind in addressing known problem Avi Rubin...
Having a Security Incident Response Plan (SIRP) will allow an organization to respond to a security incident. We define the steps of a SIRP here. An article over at Government Health IT has a question and answers segment that Leon Rodriguez, director of the Office of Civil Rights (OCR) at the Department of Health and Human Services...
Leon Rodriguez, director of the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) recently conducted an interview with HealthcareInfoSecurity. Click on the link to listen to the full interview. Rodriguez gave some valuable insight into OCR’s plans for 2013 and beyond as well as guidance that organizations should follow to protect...
Dom Nicastro over at HCPro gives insight into the status of the OCR audit program for 2013. Top OCR officials have made it clear the audit program will continue next year, says Mac McMillan, FHIMSS, CISM, cofounder and CEO of CynergisTek, Inc., in Austin, Texas. There will be more audits going forward; HITECH requires them,...
© 2024 · HIPAA Secure Now!
Recent Comments