Archive | May, 2011

Covered Entity? Business Associate? Meeting the HIPAA Data Backup Specification?

Is Your Healthcare Organization Meeting the HIPAA Data Backup Standard? The Health Insurance Portability and Accountability Act (HIPAA) comprises three sets of standards — transactions and code sets, privacy, and security.  As of February 17, 2010, over a year ago, both Covered Entities and Business Associates are statutorily obligated to meet the requirements of the […]

Continue Reading

Breach Notification for Unsecured PHI: Interim Final Rule

This post is not intended to be a news flash!  The Breach Notification regulations still exist in the form of an Interim Final Rule (IFR).  We're all anxiously awating the Final Rule.  Meanwhile, a number of readers have asked for a copy of the Breach Notification for Unsecured PHI: Interim Final Rule and for a quick […]

Continue Reading

Privacy Compliance

I recently attended an IAPP Practical Privacy Series.  If you are interested in or work in the Privacy Compliance arena, I would encourage you to attend one of these and/or join IAPP.  They have a variety of programs, conferences, and professional certifications available. The series was held in Washington DC and was focused on the recent […]

Continue Reading

You Must Be Kidding? Tape Backups Still?

Good grief?  I thought we were in the second decade of the new millennium.  Companies are still using magnetic tapes to backup mission critical data?  Paaaaleeeaasse!  Give me a break!  According to a new entry on the DataLossDB – Open Security Foundation website, Cord Blood Registry, CBR Systems, Inc.  recently had a data breach event […]

Continue Reading