By Art Gross – The practice of medicine is a risky business. There is always the risk that a certain treatment will fail to help a patient. There is a risk of being accused of malpractice. There is a risk of being accused of incorrectly billing a patient, insurance company or government agency.
Read More
By Matt Fisher – The Office of the Inspector General HHS recently released the review results from its assessment of the Office for Civil Rights oversight of the HIPAA Compliance Rule. Not too surprisingly, the OIG found weaknesses in the way in which OCR oversees compliance with the HIPAA Privacy Rule.
By Steve Spearman – Access controls are mechanisms that appropriately limit access to resources. Having and maintaining access controls are a critical and required aspect of HIPAA compliance, They also help authenticate and ensure the integrity of your EHR,
By Matt Fisher – After waiting with bated breath for almost a year, the day when full scale HIPPA audits will start is almost here. During a keynote address the the HIPAA Security Conference co-hosted by the HHS Office for Civil Rights and the National Institute of Standards and Technology (“NIST”), OCR Director Jocelyn Samuels revealed that the day when audits will start is getting closer.
By Matt Fisher – It often seems as though a day does not go by without the report of a new breach of healthcare data. Examples of breaches include loss of unencrypted devices (whether laptops, flash drives or other devices), usage of non-secure services, inattention to paper records, employee snooping, and more.
By Steve Spearman – In this week’s Q&A, HIPAA Chat host Steve Spearman spoke with Mike Pearson, information security expert, about the differences between penetration testing and vulnerability scanning and how these techniques can facilitate HIPAA compliance.
By Jonathan Krasner – We are all well aware of the epidemic of large data breaches that have been occurring recently. Anthem, Blue Cross, UCLA, the list goes on and on. Over 143 million records breached to date – an astounding figure! Since 2009, when the Office of Civil Rights “Wall of Shame” came into existence, there have been over 1,200 breaches of 500 records or more that have been reported.
By Steve Spearman – On July 8, 2015, St. Elizabeth’s Medical Center of Brighton, Massachusetts, agreed to pay $218,400 to the Department of Health and Human Services in a HIPAA violation settlement.
By Matt Fisher – Stories appear almost everyday about medical records being improperly accessed, hacked or otherwise being stolen. The number of stories about such thefts is almost matched by the number of stories about the high value placed upon medical records by identity thieves and others.