Here is a list of common HIPAA violations that we find while performing a HIPAA Risk Assessment: Using Dropbox to store PHI. Everyone loves Dropbox! Dropbox is simple, easy to use and convenient. It makes backing up and sharing data very easy. Unfortunately, Dropbox is NOT HIPAA compliant. So use Dropbox for personal use but...
When it comes to complying with the HIPAA Security and Omnibus Rules, there is a lot of confusion as to what needs to be done. And if you look at the amount of work, it can be overwhelming: security risk assessment, employee training, policies and procedures, business associates, breach notification, encryption, disaster recovery to name...
We have been writing about the permanent HIPAA audit program that will be put in place in 2014. Details of the program are starting to be released. The full text can be accessed by going to: Agency Information Collection Activities; Proposed Collection; Public Comment Request. Here are some of the highlights: Number of Organizations A...
WZZM13 is reporting that several employees of Spectrum Health in Grand Rapids, MI have been fired over a picture of a patient posted on Facebook. A source tells WZZM 13 News that an off-duty employee was in the emergency room when he saw an attractive female. He took a picture of her back side and...
Microsoft recently released a research website that will help prevent the use of weak passwords. Weak passwords can be easily guessed and can put sensitive information, including patient information, at risk. The new site is called Telepathwords. According to Microsoft: How does Telepathwords work: Telepathwords tries to predict the next character of your passwords by...
Morristown, NJ — (SBWIRE) — 12/10/2013 — HIPAA Secure Now! (HSN) announced today a low cost HIPAA security service aimed at organizations with 10 or fewer employees. The new service called the HIPAA Basic Service includes a thorough HIPAA / Meaningful Use risk assessment, HIPAA security training / compliance testing for all employees and 1...
Nobody thinks complying with the HIPAA Security and Omnibus Rules is easy. Both HIPAA regulations are hundreds of pages long and require a lot of understanding, planning, policies and technology to be in full compliance. It should be noted that there is a huge difference between not complying, trying to comply and being in full compliance...
Leon Rodriguez, director of the U.S. Department of Health & Human Services’ (HHS) Office for Civil Rights (OCR), spoke this week at the HIMSS Privacy and Security Forum in Boston. Rodriguez gave some interesting insight into where HIPAA enforcement is going. The permanent audit program is scheduled to be in place at the beginning of 2014....
September 23, 2013, the official date that HIPAA Omnibus regulations are enforced. One of the results of the new HIPAA Omnibus Rule is that it has raised awareness of HIPAA regulations. Existing covered entities (hospitals, physicians, dentists, chiropractors) and business associates (IT companies, medical billing, law firms, etc.) are scurrying around in efforts to be...
Here is a secret that compliance experts have known for a long time: It is very difficult to be 100% compliant with HIPAA regulations. Of course, you have probably seen claims like these: "Buy our product and we will make you HIPAA compliant." "Compliance in a box!" "Be HIPAA compliant in 30 days!" Snake oil...