Blog Posts Tagged with "Covered Entities"

7fef78c47060974e0b8392e305f0daf0

NIST Workshop: Safeguarding Health Information

May 30, 2012 Added by:Infosec Island Admin

The HIPAA Security Rule sets federal standards to protect the confidentiality, integrity and availability of electronic protected health information by requiring HIPAA covered entities and their business associates to implement and maintain administrative, physical and technical safeguards...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Do Subpoenas Trump HIPAA or Trample Security of PHI?

January 12, 2012 Added by:Rebecca Herold

I’ve spoken to many business leaders over the years, and most have gotten serious about ensuring safeguards are in place when putting their signatures on attestations and other types of legally binding documents. So, you need to have documented procedures in place...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

HIPAA Security Rule Toolkit Available from NIST

December 21, 2011 Added by:Headlines

"The NIST HIPAA Security Toolkit Application is intended to help organizations better understand the requirements of the HIPAA Security Rule, implement those requirements, and assess those implementations in their operational environment..."

Comments  (1)

69dafe8b58066478aea48f3d0f384820

HIPAA Tool Helps Organizations Meet Security Requirements

November 30, 2011 Added by:Headlines

A new tool, developed by the NIST is intended to be a resource that organizations can use to support their risk assessment processes by identifying areas where security safeguards may be needed to protect EPHI, or where existing security safeguards may need to be improved...

Comments  (0)

65be44ae7088566069cc3bef454174a7

UCLA Health System Pays $865K to Settle HIPAA Violations

July 10, 2011 Added by:Rebecca Herold

“Covered entities need to realize that HIPAA privacy protections are real and OCR vigorously enforces those protections. Entities will be held accountable for employees who access protected health information to satisfy their own personal curiosity..."

Comments  (0)

65be44ae7088566069cc3bef454174a7

HIPAA: Designated Record Sets - Know What They Are

June 03, 2011 Added by:Rebecca Herold

When trying to understand HIPAA regulations, and how to put them into practice within an organization, I’ve found it is best to break them down into bite-sized chunks, starting from the basics and building from there. Today I want to spend a little time looking at what makes up a DRS...

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

HIPAA HITECH Breach by a Small Practice: Actual Experience

May 17, 2011 Added by:Jack Anderson

A HIPAA HITECH breach caused by an office burglary resulted in a letter from OCR demanding a large amount of information in a very short time frame. Below are actual quotes from the OCR letter that are as scary as an IRS audit letter...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Physician Learns A Hard PHI Lesson

April 20, 2011 Added by:Rebecca Herold

What is important to point out about this case is that the doctor described the patient’s injuries in such a way that an unauthorized third party would be able to identify the person described, even though the doctor did not include any of the 18 specifically-named PHI items...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Health Net Incident Impacts 1.9 Million: Lessons Learned

April 07, 2011 Added by:Rebecca Herold

Health Net is clearly stating that IBM is responsible for the breach. Guess what? When you outsource business activities to a third party, you do not outsource your responsibility. What was Health Net doing to ensure, on an ongoing basis, that IBM had appropriate safeguards in place?

Comments  (0)

10e258c8d23d441b915c1b2333b6996a

Disruptive Innovation in HIPAA HITECH Compliance

April 01, 2011 Added by:Jack Anderson

Healthcare needs disruptive innovation. HIPAA HITECH provides an opportunity to profoundly change information security and privacy by bringing millions of new participants into the picture. HHS estimates that 1-2 million business associates need to become HIPAA HITECH compliant...

Comments  (0)

65be44ae7088566069cc3bef454174a7

Auditors: Prepare for the "Year of Healthcare Privacy"

March 03, 2011 Added by:Rebecca Herold

Most of the lawyers and regulatory analysts I’ve spoken with have indicated that they anticipate most, if not all, of the proposed changes will be enacted into the Final Rule as law by the end of March 2011. Many changes will result, and eight areas will be significantly impacted...

Comments  (0)