Dom Nicastro over at HCPro gives insight into the status of the OCR audit program for 2013. Top OCR officials have made it clear the audit program will continue next year, says Mac McMillan, FHIMSS, CISM, cofounder and CEO of CynergisTek, Inc., in Austin, Texas. There will be more audits going forward; HITECH requires them,...
The Office of Inspector General (OIG) is criticizing CMS’ oversight of the Meaningful Use incentive program. They worry that CMS might be paying organizations who do not qualify for Meaningful Use incentives. This study is an early assessment of CMS’s oversight of the Medicare electronic health record (EHR) incentive program, for which CMS estimates it...
When people think of the HIPAA Security Rule many think about protecting the privacy / confidentiality of patient information. Privacy is a major part of HIPAA security but also ensuring the availability of patient information is equally important. Let’s take a look at the HIPAA Security General Rules: § 164.306 Security standards: General rules. (a)...
Below is an awesome testimonial from David Grossman, M.D. at Main Line Emergency Medicine Associates (MLEMA) I am the Compliance officer, for Main Line Emergency Medicine Associates (MLEMA), We are an emergency medicine practice, conducting provider services for Main Line Health hospitals, in southeasternPennsylvania. In February, 2012, our practice decided to get Breach insurance and...
We are very excited to announce that Healthcare Providers Insurance Exchange (HPIX) and HIPAA Secure Now! have created a partnership to provide HIPAA risk assessments to all of HPIX clients. HPIX will pay for the risk assessment and provide the service free to their clients. HPIX will utilize our HIPAA Secure Now! service to perform...
The Alaska Department of Health and Social Services (DHSS) was handed a $1.7 million fine by the Office of Civil Rights (OCR). The fine is one of the largest imposed on an organization. A closer look reveals why the fine was so large. Healthcare Info Security gives an in-depth look at the fine. The Alaska...
OCR released the details of the HIPAA audit protocol. There aren’t a lot of surprises in their list of items they look for during an audit. The protocol looks like a summary of the HIPAA Privacy and Security Rules with the addition of the Breach Notification Rule. There are 77 items for HIPAA Security and...
We wrote about LinkedIn having 6 million passwords stolen. eHarmony has also been a victim of 1.5 million passwords being stolen. The clear message here is that if these large websites can be victims of cyber-criminals, much smaller organizations stand little chance in defending its information. Both LinkedIn and eHarmony are well funded companies that...
There are many tools available to organizations that help them perform the required HIPAA and Meaningful Use Risk Assessment. The problem with an organization doing their own Risk Assessment revolves around the saying What you put in is what you get out In order to get an accurate analysis of risks to patient information it...
The office of National Coordinator for Health Information Technology (ONC) has published a useful guide to Privacy and Security of Health Information (PDF). One of the sections looks at common myths and facts about a security risk analysis / assessment. Let’s take a look at it in more detail. Below are ONC’s myths and facts: Let’s look...
© 2026 · HIPAA Secure Now!
Recent Comments