An SRA is a requirement under the HIPAA Security Rule, which directs covered entities and business associates to conduct a thorough and accurate assessment on the risks and vulnerabilities to ePHI. Join us and register for this event to learn more.
Read More
By Matt Fisher – At some point in time most group practices, hospitals or other provider organizations will receive a letter from the OCR. The letter will state that OCR received a complaint from a patient, employee or some other party with knowledge or information as to alleged acts at the healthcare organization.
By Matt Fisher – The Breach Barometer published monthly through the joint effort of Protenus and Databreaches.net provides a fair amount of insight into data breach happenings.
By Matt Fisher – A healthcare organization compare a number of vendors, product features and gets close to choosing one. Just before making the ultimate decision, someone asks, what about HIPAA?
HITRUST announced the creation of a Threat Catalogue to aid healthcare organizations in improving their information security posture by better aligning cyber threats with HITRUST CSF risk factors and controls.
By Art Gross – In a cruel twist of fate, health care entities are being phished using an OCR (HHS Office of Civil Rights) email as the bait. Here is the context: HHS/OCR is the governmental entity in charge of enforcing the HIPAA statutes.
By Ebony Brice & Nick Heesters – As we mark National Cyber Security Awareness Month, the ONC and the HHS Office for Civil Rights have jointly launched an updated their HIPAA Security Risk Assessment Tool.
By Terry Edwards – At Becker’s Hospital Review Annual CIO/HIT + Revenue Cycle Summit I discussed the elements needed to truly secure clinical communications with some of the best minds in the healthcare world. With the recent high profile news stories on ransomware attacks in hospitals and health systems, security and the ability to secure clinical information is top of mind for many.
By Mike Semel – The Office for Civil Rights announced that the new permanent audit program has started. On July 11 letters were sent BY E-MAIL (check your junk mail folders!) to 167 health plans, health care providers, and health care clearing houses (all HIPAA Covered Entities) notifying them that they have to send in documentation for a ‘desk audit.’ They will have 10 days to send in the required materials for review.