HIPAA
Business Associates and HIPAA Liabilities
August 29, 2010 Added by:Jack Anderson
Insurance carriers and payers sent out amended Business Associate agreements in an attempt to shift liability to the BA. Of course now the chain of responsibility extends down to the sub-contractor and everyone is liable if there is a breach...
Comments (0)
Business Associates Liable for Breach
August 21, 2010 Added by:Jack Anderson
Proposed modifications include changes required by the HITECH Act and others deemed appropriate by OCR in order to strengthen the privacy and security of health information and to improve the workability and effectiveness of the Privacy Rule, Security Rule and Enforcement Rule...
Comments (0)
Information Privacy and Workplace Investigations
August 17, 2010 Added by:Lindsay Walker
Executives and investigation managers of multinational companies need to understand the different laws and regulations governing the transfer of information across borders to begin implementing channels for cross-border data transfers...
Comments (0)
Threats to Critical Medical Monitoring Devices
August 17, 2010 Added by:Danny Lieberman
A threat analysis was performed on a network of Windows-based embedded medical devices, which help prevent crisis situations through ongoing supervision of patient status, early detection of warning signs, and alert notifications of changes in patient condition...
Comments (2)
Maintaining Information Privacy and Security
August 13, 2010 Added by:Lindsay Walker
Regular evaluation of training programs and internal procedures related to information security must be undertaken to ensure each employee is completing the necessary steps to safeguard information...
Comments (0)
New Healthcare Compliance Requirements
August 12, 2010 Added by:Michael Volkov
A company utilizing a risk-based approach to evaluating these new measures within Healthcare Reform will begin by proactively evaluating existing policy and procedure documentation related to interactions with HCPs, and evaluate existing tracking and reporting tool sets...
Comments (0)
Proposed Modifications to the HIPAA Rules Part Two
August 08, 2010 Added by:David Navetta
The proposed modifications would require organizations that currently issue notices of privacy practices to make material changes to those notices. The modifications do not appear to change the existing rules as to who is responsible for issuing the notice of privacy practices...
Comments (0)
Proposed Modifications to the HIPAA Rules Part One
August 04, 2010 Added by:David Navetta
The Department of Health and Human Services issued its long-anticipated Notice of Proposed Rulemaking on Modifications to the Health Insurance Portability and Accountability Act Rules under the Health Information Technology for Economic and Clinical Health Act...
Comments (0)
Vendors: Can You Prove Your HIPAA Compliance?
July 31, 2010 Added by:Jack Anderson
HHS estimates 1 to 2 million new Business Associates will need to become compliant. HHS also states that if a BA agreement exists, they expect the BA to be compliant with the terms of their agreements now. No waiting periods, no grace periods, be compliant now...
Comments (0)
Killed by Code: Software in Implanted Medical Devices
July 26, 2010 Added by:shawn merdinger
Last week the Software Freedom Law Center released a paper which details several issues in the legal, regulatory and technical environment surrounding medical device security, liability, FDA response, secure coding and code escrow...
Comments (0)
HIPAA Compliance and Willful Neglect
July 18, 2010 Added by:Jack Anderson
The covered entity has a responsibility to get suitable assurance that their business associates are compliant and may request a risk assessment from them if reasonable and appropriate...
Comments (1)
HIPAA Regulations and Defining Meaningful Use
July 08, 2010 Added by:Jack Anderson
The Centers for Medicare & Medicaid Services is reviewing the public comments it received on the proposed meaningful use rule, and hopes to release a final rule early this summer...
Comments (0)
HIPAA HITECH Fines and Fear of Lost Business
June 24, 2010 Added by:Jack Anderson
What has been suspected now has been confirmed - the cost of data breaches is substantial. Indeed, a report titled "2009 Annual Study: Global Cost of Data Breach" shines a very bright light on the actual cost of activities stemming from more than 100 breach incidents across multiple industry sectors, numerous organizations, and a handful of different countries.
Comments (0)
Data Breaches Persist In Health Care
June 24, 2010 Added by:Robert Siciliano
In September 2009, the Obama administration’s Health Information Technology for Economic and Clinical Health (HITECH) Act went into effect, requiring hospitals and other health care organization to beef up client data protections. Despite this, a recent study found that health care data is still hemorrhaging from peer to peer networks.
Comments (0)
Reducing the Cost of Compliance
June 22, 2010 Added by:Bryan Miller
The American Heritage dictionary defines compliance as "The act of complying with a wish, request, or demand; acquiescence". When you think of complying with something, do you normally consider it a wish? So, would paying my taxes indicate I'm complying with the Federal government's wish that I pay my taxes, or is it a demand?
Comments (0)
Viseca Card Services reduces fraud loss with SAS®
June 17, 2010 Added by:Fred Williams
My company, SAS Institute, in Cary, NC is mainly a business analytics software business. However, they do a lot of business in the fraud arena and SAS just posted an article detailing how a Swiss credit card company is using SAS to combat fraud.
Comments (0)
- Five Things Your InfoSec Team Should Do in the Next 30 Days
- The Disclosure Debate Continues….. (part 1,453, 769) to be Continued
- The Danger of Mixing Cyber Espionage with Cyber Warfare
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)