Monthly Data Breach Roundup: Hacking and Insiders in the Lead
By Matt Fisher – The Breach Barometer published monthly through the joint effort of Protenus and Databreaches.net provides a fair amount of insight into data breach happenings.
Read MoreHIPAA Security Rule
HIPAA Certified: Not So Fast
By Matt Fisher – A healthcare organization compare a number of vendors, product features and gets close to choosing one. Just before making the ultimate decision, someone asks, what about HIPAA?
HITRUST Advances Healthcare Industry Cyber Risk Management with Creation of Threat Catalogue
HITRUST announced the creation of a Threat Catalogue to aid healthcare organizations in improving their information security posture by better aligning cyber threats with HITRUST CSF risk factors and controls.
Warning: Be On The Lookout for OCR Phishing Email
By Art Gross – In a cruel twist of fate, health care entities are being phished using an OCR (HHS Office of Civil Rights) email as the bait. Here is the context: HHS/OCR is the governmental entity in charge of enforcing the HIPAA statutes.
Revised HIPAA Security Risk Assessment Tool Now Available
By Ebony Brice & Nick Heesters – As we mark National Cyber Security Awareness Month, the ONC and the HHS Office for Civil Rights have jointly launched an updated their HIPAA Security Risk Assessment Tool.
4 Tactics for Secure Clinical Communication and Collaboration
By Terry Edwards – At Becker’s Hospital Review Annual CIO/HIT + Revenue Cycle Summit I discussed the elements needed to truly secure clinical communications with some of the best minds in the healthcare world. With the recent high profile news stories on ransomware attacks in hospitals and health systems, security and the ability to secure clinical information is top of mind for many.
The 7 HIPAA Audit Items the Feds Selected
By Mike Semel – The Office for Civil Rights announced that the new permanent audit program has started. On July 11 letters were sent BY E-MAIL (check your junk mail folders!) to 167 health plans, health care providers, and health care clearing houses (all HIPAA Covered Entities) notifying them that they have to send in documentation for a ‘desk audit.’ They will have 10 days to send in the required materials for review.
$750,000 HIPAA Fine Offers Valuable Lessons
By Art Gross – On September 2, 2015 The HHS Office of Civil Rights (OCR) issued a press release announcing a $750,000 HIPAA settlement with Cancer Care Group, P.C. This large fine offers some very important lessons. Let’s take a closer look:
Health and Electronic Security
By Matt Fisher – The rapid adoption of electronic health records (“EHR”) and other new technology in healthcare has resulted in the introduction of serious security threats. Numerous stories and reports have made it clear that hackers, criminals and others view the healthcare industry as a ripe target due to security vulnerabilities. This issue is exacerbated by the high value placed upon medical records in the black market.