HIPAA Secure Now!

Phase 2 HIPAA Audits – The OCR Emails Have Begun

By Jonathan Krasner – Back in March, we reported that OCR had announced its Phase 2 Audit Program. OCR stated that they would compile a database of both Covered Entities and Business Associates to form the basis of the pool of organizations potentially targeted for audit. They have followed up on their intentions and in the last week organizations have started to receive contact emails from OCR.

Read More


OCR HIPAA Audits – It’s Real This Time

By Jonathan Krasner – Although HIPAA is an important set of laws passed to protect the sensitive medical information handled by millions of covered entities and business associates, HHS Office for Civil Rights has never established a permanent compliance audit program.



IBM Says that 2015 is the “Year of the Healthcare Breach”

By Jonathan Krasner – At the end of the year all kinds of publications and organizations publish yearly summaries to review the events of the past 12 months. Much of the time this can be positive publicity for a celebrity, firm, organization or industry. In this case, for healthcare, it is decidedly negative. Why has IBM made this proclamation? According to a company report just released, over 100 million records were compromised in the first half of 2015.



Computer Fraud and Abuse Act May Help Companies Against Employee Cyber Theft

By Art Gross – The Computer Fraud and Abuse Act CFAA is not a very widely known piece of federal legislation but could help companies that have been victims of employee or ex-employee theft of digital information. According to an article over at Fox Rothschild LLP the CFAA can be used to help companies that have had employees or ex-employees steal or access unauthorized information.


HIPAA Compliance is a Business Risk

By Art Gross – The practice of medicine is a risky business. There is always the risk that a certain treatment will fail to help a patient. There is a risk of being accused of malpractice. There is a risk of being accused of incorrectly billing a patient, insurance company or government agency.