By Matt Fisher – After waiting with bated breath for almost a year, the day when full scale HIPPA audits will start is almost here. During a keynote address the the HIPAA Security Conference co-hosted by the HHS Office for Civil Rights and the National Institute of Standards and Technology (“NIST”), OCR Director Jocelyn Samuels revealed that the day when audits will start is getting closer.
Read More
By Art Gross – On September 2, 2015 The HHS Office of Civil Rights (OCR) issued a press release announcing a $750,000 HIPAA settlement with Cancer Care Group, P.C. This large fine offers some very important lessons. Let’s take a closer look:
By Mike Semel – Once you become aware of a HIPAA data breach it is not a good idea to sweep it under the rug, especially when that is breaking the law and anyone who finds out can report you. Just because they are free and easy doesn’t mean you should use just any Internet file sharing service for storing patient information.
By Matt Fisher – A recent settlement announcement from the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) highlights the need to evaluate web-based applications and storage solutions. Web-based or cloud solutions are viable options and tools for healthcare entities to utilize, but those tools need to evaluated for compliance with HIPAA security requirements.
By Art Gross – Now that the 2015 HIPAA Audits have begun, organizations are reevaluating their HIPAA compliance posture. This is a good thing being that an organization will have very little time to respond to pre-audit and audit inquiries from the Office of Civil Rights (OCR).
By Matt Fisher – Another HIPAA breach settlement announcement and another lesson from the Department of Health and Human Services Office for Civil Rights (“OCR”). Cornell Prescription Pharmacy (“Cornell”) is a single location pharmacy located in Colorado that will pay OCR $125,000 to resolve allegations of a variety of HIPAA violations. When the facts of the circumstances are described, it will likely raise questions as to why the settlement was so low.
OCR is ramping up their HIPAA privacy and security audit program for covered entities (CEs) and business associates (BAs). Delayed until 2015, the second round of HIPAA audits is expected to be more pragmatic and comprehensive.
Don’t Stop Compliance Efforts By Matt Fisher, Esq Twitter: @matt_r_fisher The new round of HIPAA audits expected to start this fall has been delayed. The…
OCR Warns Enforcement To Increase Dramatically By Matt Fisher, Esq Twitter: @matt_r_fisher Recent reports, statements and actions from the government emphasize the need for all…