To catch you up and make some good recently published content available, we’ve creating this post to help you prepare for the upcoming. Benefit from our expertise; prepare for the audits! …

Section 13411 of the HITECH Act requires the Secretary of Health and Human Services (HHS) to “provide for periodic [...]

“Shut Up!..” as JB Smith would say.  I must ask “Are you still crazy after all these years”?  All healthcare Covered Entities and their Business Associates and (soon) subcontractors will need to, like ah um, securely backup our ePHI.

The HIPAA Security Final Rule has very clear Implementation Specifications (under 45 CFR 164.308(a)(7) Contingency Plan) [...]

HIPAA enforcement is on the upswing and the consequences are serious.  A recent hire by the Office of Civil Rights (OCR), however, means enforcement may soon ramp up even more.   OCR has hired Virginia-based audit firm KPMG to implement its HITECH-required HIPAA compliance auditing plan.  Are you ready?  Learn how to [...]

We all face it at some point in our career. You are tasked with securing “x” and the business doesn’t want you doing your job. Sure they may put on a smile when audit or compliance are in the room but when they are alone in their office or in their team meetings they are [...]

This entry is part 20 of 19 in the series HIPAA Security Reminders

Medical Identity Theft and Identity Theft are criminal acts that occurs when a person uses someone else’s personal information, such as name, social security number and/or insurance card number, without that individual’s knowledge to obtain or make false claims for [...]

The deadline for HIPAA Security Rule compliance for Covered Entities (CEs) was April 2005! For Business Associates (BAs), the date was February 2010. Additionally, the federal government unveiled its criteria for the Meaningful Use of electronic health records (EHRs) on July 13. The criteria must be met in order for a [...]

“Shut Up!..” as JB Smith would say.  I must ask “Are you still crazy after all these years”?  All healthcare Covered Entities and their Business Associates and (soon) subcontractors will need to, like ah um, securely backup our ePHI.

The HIPAA Security Final Rule has very clear Implementation Specifications (under 45 CFR 164.308(a)(7) Contingency Plan) [...]

After completing an Information Asset Inventory, the second step in a Risk Analysis is to determine the risks and exposures associated each information asset.  Here’s today’s big tip – Learn how to determine risk! …here’s how…

Risk Determination Phase

This second step continues on with multiple steps for each Information Asset identified in Step 1: (the Asset Inventory Phase) [...]

Do you know if you are in compliance with the HIPAA Security Final Rule?  Are you at risk for data breaches and the associated cost and loss of reputation?  Are there gaps in your organization’s compliance program?  Do you have an action plan to address your organizations deficiencies?   In this brand [...]

This entry is part 19 of 19 in the series HIPAA Security Reminders

Protected Health Information (PHI) exists in many forms.  The HIPAA Privacy Final Rule concerns itself with permissable and proper use and disclosure of all forms of PHI, including electronic PHI (ePHI).  It’s important to not lose track of the requirements to [...]