Call us at: 877-275-4545
We frequently get asked about the timing of when a Security Risk Assessment (SRA) needs to be performed for Meaningful Use. So here is some guidance: SRA for Meaningful Use A SRA needs to be performed before a provider attests for Meaningful Use. According to CMS – https://www.cms.gov/Regulations-and-Guidance/Legislation/EHRIncentivePrograms/Downloads/2016_SecurityRiskAnalysis.pdf Conducting a security risk analysis is required...
According to a Verizon study, data breaches at Small and Midsize Businesses (SMBs) occur more frequently than at larger companies. Another study found that the impact of a SMB breach could be devastating to the business. Find out more about the leading cause of SMB data breaches and what you can do to prevent a...
Peachtree Orthopedics has experienced a huge data breach that affects over 500,000 patients. It seems that Peachtree was a victim of a hacker who stole the information and went a step further by issuing a press release: It all began many months ago when we acquired 543k patient records which contain both PII and PHI...
MORRISTOWN, NJ (PRWEB) NOVEMBER 21, 2016 HIPAA Secure Now! is set to handle security risk assessments that will be required of medical practices, under the new MACRA regulation (Medicare Access and CHIP Reauthorization Act), which commences January 1, 2017. HIPAA Secure Now! helps medical practices comply with HIPAA, and protect their most valuable asset –...
In a cruel twist of fate, health care entities are being phished using an OCR (HHS Office of Civil Rights) email as the bait. Here is the context: HHS/OCR is the governmental entity in charge of enforcing the HIPAA statutes. Back in May, we reported that OCR had started sending emails to Covered Entities...
HealthIT Security has a very good article on OCR HIPAA activities. A key message is that not all OCR complaints result in HIPAA violations OCR will continue to focus “its enforcement efforts and its resources” in areas of alleged non-compliance and “where corrective action under HIPAA may be the only remedy.” In terms of OCR...
We have previously posted about HHS/OCR’s Guidance on HIPAA & Cloud Computing. The guidance is presented in question and answer form. To see the full guidance, you can go to the OCR page. Below are the 11 questions with partial answers to keep this brief but provide a good overview: Questions 1. May a...
Pun intended. We all use cloud computing resources every day. All you have to do is go on the Internet, and chances are the website you are accessing uses cloud services. Our website, www.hipaasecurenow.com, uses the Amazon cloud. There are many definitions of cloud services, but at a high level it is the use of...
Data breaches are happening on a frequent basis. You can’t read the news or watch TV without hearing about another data breach. While a company may give out some details of a data breach, the financial details of what the data breach will cost a company usually are not disclosed. This is especially true with...
Back in March, we reported that OCR had announced its Phase 2 Audit Program. When we last heard from OCR about Phase 2 HIPAA Audits, we saw that emails were being sent to Covered Entities and Business Associates. The purpose of the emails was to verify and expand the OCR HIPAA audit pool. We wrote...
© 2025 · HIPAA Secure Now!
Recent Comments