By Matt Fisher – Every industry, whether it be healthcare, financial, or anything else, is under constant attack or threat to digital information. This is not news, especially in light of the numerous stories about breaches from Target to Hyatt Hotels to voter databases to health insurers and more.
Read More
Last month Congress passed a cybersecurity bill as part of the 2016 Omnibus budget. The bill formalizes the information sharing process among industry and government and recognizes the importance of a healthcare industry specific cybersecurity approach.
By Matt Fisher – A Shakespearean Tangle: The current state of medical data is very complicated. The amount of medical data being created is exploding all of the time. The explosion is being facilitated by the always increasing number of ways of creating it and a broadening array of people or entities how want access to it.
By Matt Fisher – The annual OIG Work Plan was published on November 2nd. The Work Plan each year identifies what the Office of the Inspector General of the Department of Health and Human Services will review and provides insight into what the OIG contemplates as risk areas.
By Matt Fisher – National Health IT Week was a busy time with regard to government announcements. First, the final rule for Meaningful Use Stage 3 and Modifications was released and second, on the same day, the OIG released a reminder about information blocking concerns.
By Matt Fisher – The Office of the Inspector General HHS recently released the review results from its assessment of the Office for Civil Rights oversight of the HIPAA Compliance Rule. Not too surprisingly, the OIG found weaknesses in the way in which OCR oversees compliance with the HIPAA Privacy Rule.
By Matt Fisher – After waiting with bated breath for almost a year, the day when full scale HIPPA audits will start is almost here. During a keynote address the the HIPAA Security Conference co-hosted by the HHS Office for Civil Rights and the National Institute of Standards and Technology (“NIST”), OCR Director Jocelyn Samuels revealed that the day when audits will start is getting closer.
By Matt Fisher – It often seems as though a day does not go by without the report of a new breach of healthcare data. Examples of breaches include loss of unencrypted devices (whether laptops, flash drives or other devices), usage of non-secure services, inattention to paper records, employee snooping, and more.
By Matt Fisher – A hospital in Arkansas recently learned the lesson of the nuances contained within the HIPAA Privacy Rule. There are many uses and disclosures identified in the Privacy Rule that permit actions that would otherwise appear to be a breach.