The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) is preparing to launch a new round of audits in 2024 to assess compliance with the HIPAA Security Rule across the healthcare sector. After long delays, HIPAA-regulated entities can expect increased scrutiny on their security practices and risk management programs. Why New...
Whether you’re considering opening a healthcare business or a seasoned professional concerned with growing threats, navigating the complexities of HIPAA compliance can be a daunting task. With the evolving landscape of cybersecurity threats and the increasing importance of protecting patient data, it’s crucial to ensure your organization is fully compliant with HIPAA. In this blog,...
When it comes to supporting your business goals, social media platforms like Instagram, Facebook, and even Google Reviews are invaluable tools for connection and growth. However, publicity and privacy don’t often go hand-in-hand. HIPAA sets strict standards for the protection of electronic protected health information (ePHI), and non-compliance can result in significant fines and reputational...
Third-Party Risk Management in Healthcare: Safeguarding Patient Data Beyond Your Organization As a healthcare organization, you have a legal requirement to protect the sensitive data of your patients. However, your data security efforts don’t stop at your own organization’s walls. In today’s interconnected world, effectively managing third-party risk is crucial for safeguarding patient information and...
Introduction: HIPAA-enforcer, the Office for Civil Rights (OCR), recently published Director Melanie Fontes Rainer’s presentation from HIPAA Summit 41. The message is clear: cybersecurity is the department’s top priority for 2024. Prioritizing Investigations: The presentation began with a summary of top investigation priorities. Fontes Rainer highlighted that the OCR will focus primarily on cases...
In addition to most in-demand, most impactful, and most burnt-out, healthcare has also recently taken the #1 title for most ransomware attacks in 2023. FBI’s Alarming Findings: The Federal Bureau of Investigation’s (FBI) 2023 Internet Crime Report paints a stark picture: 880,418 complaints; $12.5 billion in financial losses (22% surge from 2022); Healthcare organizations the...
More than just a mandatory HIPAA requirement, Security Risk Assessments are critical to ensuring the security of your healthcare organization. As cyber threats evolve, so must our strategies to safeguard electronic Protected Health Information (ePHI). In this blog, we’ll navigate through the steps involved in a comprehensive risk assessment, empowering covered entities and business associates...
While the Health Insurance Portability and Accountability Act (HIPAA) is all about protecting patient privacy, the Privacy Rule is just one of five areas of regulation. When it comes to annual requirements, the other heavy hitter is the Security Rule, which focuses on securing technology. This blog explores the key aspects of the HIPAA Security...
In the dynamic realm of healthcare, mobile devices have become seamlessly woven into the fabric of delivering efficient and timely patient care. Covered entities and business associates need comprehensive mobile device management (MDM) practices to ensure not only HIPAA compliance, but more significantly, a commitment to upholding the confidentiality, integrity, and availability of vital patient...
What We Know So Far (February 2024) With cyber-attacks on the rise in healthcare, HIPAA enforcer, the Department of Health and Human Services (HHS), has taken proactive measures to enhance the sector’s resilience against these growing threats. As covered entities and business associates adapt to emerging challenges, understanding and implementing the voluntary Healthcare and Public...