Healthcare

959779642e6e758563e80b5d83150a9f

HIPAA Compliance and Cloud Security

June 15, 2011 Added by:Danny Lieberman

A discussion of HIPAA compliance needs to include a comprehensive threat analysis of the entire supply chain of data processing and not just limit itself to the cloud services that store electronic medical records...

Comments  (1)

65be44ae7088566069cc3bef454174a7

HIPAA: Designated Record Sets - Know What They Are

June 03, 2011 Added by:Rebecca Herold

When trying to understand HIPAA regulations, and how to put them into practice within an organization, I’ve found it is best to break them down into bite-sized chunks, starting from the basics and building from there. Today I want to spend a little time looking at what makes up a DRS...

Comments  (0)

65be44ae7088566069cc3bef454174a7

HHS: HIPAA Privacy Rule Accounting of Disclosures

June 01, 2011 Added by:Rebecca Herold

Covered entities and business associates would need to account for disclosures of PHI in electronic health records that are part of a designated record set for treatment, payment and health care operations in addition to the existing requirements for accounting for access to PHI...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA HITECH Breach by a Small Practice: Actual Experience

May 17, 2011 Added by:Jack Anderson

A HIPAA HITECH breach caused by an office burglary resulted in a letter from OCR demanding a large amount of information in a very short time frame. Below are actual quotes from the OCR letter that are as scary as an IRS audit letter...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA HITECH and Your Business Associates

May 09, 2011 Added by:Jack Anderson

As part of the webinar series "HIPAA HITECH Compliance for Smarties" we will be presenting a step by step process employing cloud computing to help covered entities set up a program to manage the HIPAA HITECH compliance of their business associates cost effectively and efficiently...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA HITECH Compliance: No Substitute for Experience

May 03, 2011 Added by:Jack Anderson

Whether you are a large enterprise looking to manage hundreds of internal business units, a business associate looking to provide proof of compliance, or a very small sub-contractor, a comprehensive privacy and information security program is needed to meet HIPAA HITECH compliance...

Comments  (2)

65be44ae7088566069cc3bef454174a7

Physician Learns A Hard PHI Lesson

April 20, 2011 Added by:Rebecca Herold

What is important to point out about this case is that the doctor described the patient’s injuries in such a way that an unauthorized third party would be able to identify the person described, even though the doctor did not include any of the 18 specifically-named PHI items...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA-HITECH Compliance Free Webinar Series

April 12, 2011 Added by:Jack Anderson

We held the first HIPAA-HITECH Compliance webinar on April 6 with gratifying results. A smart, interested group registered, attended, and asked great questions. This has encouraged us to continue the series. Space is limited for these FREE webinars, so reserve your seat now...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Health Net Incident Impacts 1.9 Million: Lessons Learned

April 07, 2011 Added by:Rebecca Herold

Health Net is clearly stating that IBM is responsible for the breach. Guess what? When you outsource business activities to a third party, you do not outsource your responsibility. What was Health Net doing to ensure, on an ongoing basis, that IBM had appropriate safeguards in place?

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

Disruptive Innovation in HIPAA HITECH Compliance

April 01, 2011 Added by:Jack Anderson

Healthcare needs disruptive innovation. HIPAA HITECH provides an opportunity to profoundly change information security and privacy by bringing millions of new participants into the picture. HHS estimates that 1-2 million business associates need to become HIPAA HITECH compliant...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

Business Associates Must Be HIPAA Compliant

October 09, 2010 Added by:Jack Anderson

In response to a question from a potential client I asked Rebecca Herold, The Privacy Professor to comment on when a BA must be compliant. I will let her answer speak for itself...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA Violations Not Always Due to Data Breaches

October 01, 2010 Added by:Jack Anderson

You don't have to have a patient data breach to be in violation of HIPAA rules and regulations. By doing nothing, not even thinking, you probably have already committed a violation. If you don't have a breach notification program in place you are in violation now...

Comments  (2)

10e258c8d23d441b915c1b2333b6996a

HIPAA Violations by Associates or Sub-Contractors

September 24, 2010 Added by:Jack Anderson

Hospitals turned the records over to a pathology group who in turn handed it off to a medical billing company and the former owner of the medical billing company Joseph Gagnon stated that they had been dumping the unsecured records at the dump for at least 2 or 3 years...

Comments  (1)

A7290c5bd7bc2aaa7ea2b6c957ef639b

Indiana's Abandoned Health Records Act

September 12, 2010 Added by:David Navetta

The new chapter specifies new duties given to the Indiana Attorney General related to the identification, handling, and ultimate transfer, destruction or delivery of abandoned health and other records containing personal information...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

Business Associates and HIPAA Liabilities

August 29, 2010 Added by:Jack Anderson

Insurance carriers and payers sent out amended Business Associate agreements in an attempt to shift liability to the BA. Of course now the chain of responsibility extends down to the sub-contractor and everyone is liable if there is a breach...

Comments  (0)

7d7e61615cc2e2996d2840c781fa483b

Healthcare Risk Assessment Essentials

August 25, 2010 Added by:Jack Daniel

A risk assessment needs to go beyond regulatory expectations to ensure an organization is protecting its sensitive assets. Utilizing a best of breed or best practices framework will enable the organization to identify security gaps and control weaknesses rather than regulatory gaps...

Comments  (0)

Page « < 3 - 4 - 5 - 6 - 7 > »