July 10, 2011 Added by:Rebecca Herold
“Covered entities need to realize that HIPAA privacy protections are real and OCR vigorously enforces those protections. Entities will be held accountable for employees who access protected health information to satisfy their own personal curiosity..."
July 06, 2011 Added by:Konrad Fellmann
Basically, if electronic PHI data is encrypted, purged, or physically destroyed before it is inadvertently disclosed, then it doesn’t count as a breach. If the information is protected in a way that it can’t be obtained by an unauthorized individual then you’re safe...
June 16, 2011 Added by:Jack Anderson
We have scheduled two new free webinars on HIPAA HITECH for Smarties. These webinars feature a presentation by Rebecca Herold,CIPP, CISSP, CISA, CISM, FLMI, recently voted the 3rd best privacy advisor in the world, in competition with large law firms and consulting practices...
June 15, 2011 Added by:Danny Lieberman
A discussion of HIPAA compliance needs to include a comprehensive threat analysis of the entire supply chain of data processing and not just limit itself to the cloud services that store electronic medical records...
June 03, 2011 Added by:Rebecca Herold
When trying to understand HIPAA regulations, and how to put them into practice within an organization, I’ve found it is best to break them down into bite-sized chunks, starting from the basics and building from there. Today I want to spend a little time looking at what makes up a DRS...
June 01, 2011 Added by:Rebecca Herold
Covered entities and business associates would need to account for disclosures of PHI in electronic health records that are part of a designated record set for treatment, payment and health care operations in addition to the existing requirements for accounting for access to PHI...
May 17, 2011 Added by:Jack Anderson
A HIPAA HITECH breach caused by an office burglary resulted in a letter from OCR demanding a large amount of information in a very short time frame. Below are actual quotes from the OCR letter that are as scary as an IRS audit letter...
May 14, 2011 Added by:Danny Lieberman
Humans are naturally curious and always worried when it comes to the health condition of friends and family. HIPAA risk and compliance assessments at hospitals in Israel, the US and Australia consistently show that the number one attack vector on PHI is friends and family, not hackers...
May 09, 2011 Added by:Jack Anderson
As part of the webinar series "HIPAA HITECH Compliance for Smarties" we will be presenting a step by step process employing cloud computing to help covered entities set up a program to manage the HIPAA HITECH compliance of their business associates cost effectively and efficiently...
May 03, 2011 Added by:Jack Anderson
Whether you are a large enterprise looking to manage hundreds of internal business units, a business associate looking to provide proof of compliance, or a very small sub-contractor, a comprehensive privacy and information security program is needed to meet HIPAA HITECH compliance...
April 20, 2011 Added by:Rebecca Herold
What is important to point out about this case is that the doctor described the patient’s injuries in such a way that an unauthorized third party would be able to identify the person described, even though the doctor did not include any of the 18 specifically-named PHI items...
April 12, 2011 Added by:Jack Anderson
We held the first HIPAA-HITECH Compliance webinar on April 6 with gratifying results. A smart, interested group registered, attended, and asked great questions. This has encouraged us to continue the series. Space is limited for these FREE webinars, so reserve your seat now...
April 07, 2011 Added by:Rebecca Herold
Health Net is clearly stating that IBM is responsible for the breach. Guess what? When you outsource business activities to a third party, you do not outsource your responsibility. What was Health Net doing to ensure, on an ongoing basis, that IBM had appropriate safeguards in place?
April 01, 2011 Added by:Jack Anderson
Healthcare needs disruptive innovation. HIPAA HITECH provides an opportunity to profoundly change information security and privacy by bringing millions of new participants into the picture. HHS estimates that 1-2 million business associates need to become HIPAA HITECH compliant...
March 28, 2011 Added by:Jack Anderson
Free Webinar: The key to successful compliance is having a clear step by step process, templated policies, procedures and forms, and having a personal privacy and security expert assigned to help you through the process. Delivering all this through cloud computing makes it cost effective...
March 24, 2011 Added by:Jack Anderson
Free Webinar on HIPAA and HITECH Compliance: Join us to find out how easy it can be to take your practice from zero to compliant with our easy-to-use online system that combines all the pre-drafted policies, procedures and forms you need plus assistance from a HIPAA compliance expert..
Join Trend Micro & SecurityWeek in Belle... Shah Alam on 12-06-2013
Looking Beyond "Black Box Testing"... Paul Reed on 12-03-2013
Projectile Dysfunction... ryan mccarthy on 12-01-2013