The interim final breach notification rule, now in effect, requires Covered Entities to report breaches to federal authorities as well as those affected. With the number of breaches growing on the HHS “Wall of Shame”, and over 3% of the American public having Protected Health Information impermissibly disclosed, organizations are now focusing their efforts on preventing breaches.
Archive | September, 2011
OK, it may not turn out to be a “party” Omnibus, but it’s what is happening. In her Tuesday, May 10th presentation, Sue McAndrew, JD, deputy director for health information privacy in the HHS Office for Civil Rights, discussed the status of regulatory activities around several outstanding regulations. I asked when the final rulemaking was expected to be completed.
With our primary focus on HIPAA and HITECH compliance, it is not often that we discuss non-healthcare security breaches. However, a recent article by healthcareinfosecurity.com sheds light on significant breaches outside of healthcare and offers great advice from two global CISO leaders that can apply to any industry.
Sue McAndrew, JD and David S. Holtzman, JD (Office for Civil Rights / Health Information Privacy Division) both called for a “Culture of Compliance” at the May 10-11 NIST/OCR HIPAA Security Conference in Washington. The concept of a “culture of compliance” is not new in the risk management and regulatory compliance world, but seems to be a new term for health care. Learn what they mean…
With the number of breaches growing on the HHS “Wall of Shame”, and over 3% of the American public having Protected Health Information impermissibly disclosed, organizations are now focusing their efforts on preventing breaches. We’ve encouraged you to work on your plan … now!
The Clearwater Compliance and AboutHIPAA.com websites have been a critical source of information for my HIPAA compliance efforts over many years.
Are you meeting HIPAA Security Final Rule Requirements for Data Backup and Recovery? Are you confident you can recover exact copies of critical patient data? Learn How to Create a HIPAA-HITECH Compliance Solution for Data Backup Requirements in our recent webinar…
(Reprinted with permission, copyright 2011 ID Experts, All Rights Reserved)
Last year, in accordance with the requirements of the HITECH Act, the HHS Office for Civil Rights (OCR) established a network of regional investigators and began conducting investigations to ensure HIPAA compliance. Last fall we reported that in our experience, the outcome of these investigations tended to be positive for those organizations making an honest effort to comply. While OCR may have practiced forbearance as providers came up to speed on HIPAA compliance programs, recent announcements by HHS reveal that the grace period is over and organizations that aren’t ready to comply can now expect to face stiff penalties.
The Internet offers small businesses a competitive advantage in a tough market thanks to the exposure they receive online. However, while they can compete with larger businesses online in terms of marketing and visibility, their IT budgets and security efforts simply can’t keep up. Cybercriminals realize that small businesses are easy targets because they are […]
So far, 2011 has been a big year for cyber-attacks. American businesses and the United States government were the targets of hackers who stole credit card information, took down websites, and deleted military files. These attacks sent companies and government agencies scrambling to explain how their data was stolen, compromised, or lost. It also forced […]