Introduction As tempting as it may be to check off compliance requirements and leave them until the following year, these items require continuous attention. Covered entities and business associates handle vast amounts of sensitive patient information, making them prime targets for cyberattacks. Regular cybersecurity audits have become essential to ensure the safeguarding of this critical...
The Year-Round Commitment to SRA Recommendations A Pillar of HIPAA Compliance As a covered entity or business associate, protecting sensitive patient information is not just a priority—it’s a legal and ethical obligation. HIPAA stands as the guardian of patient data, ensuring its security, privacy, and confidentiality. One of the cornerstones of HIPAA compliance is the...
5 Vital Plans Every Covered Entity and Business Associate Should Have in Place With cyberattacks and data breaches on the rise in healthcare, safeguarding sensitive information has become paramount for organizations. For covered entities and business associates, proactivity is key to maintaining the integrity and confidentiality of data. Here are five essential plans that every...
“We’re being audited!” Those words strike fear and uncertainty in most of us – especially if you are in healthcare. But what actually happens in a HIPAA audit? Will a government official show up unannounced with a briefcase and ask for you to produce every bit of your business’s HIPAA documentation while sequestering your team...
Hello, HIPAA The Health Insurance Portability and Accountability Act, better know as HIPAA, was passed by Congress in 1996 and called for the protection and confidential handling of protected health information (PHI). HIPAA still exists today, aiming to protect patients and their information, but it’s important to think about how far we’ve come in the...
This article was written by Matt Fisher and originally appeared on the Mirick O’Connell Health Law Blog. It is published here with permission. At some point in time most group practices, hospitals or other provider organizations will receive a letter from the Office for Civil Rights (“OCR”). The letter will state that OCR received a...
Have you ever wondered what exactly triggers a breach case investigated by Health and Human Services? While a number of things may attribute to an investigation, according to Deven McGraw, deputy director for health information privacy at the HHS Office for Civil Rights, nearly every breach case investigated by the department stems from a...
Deven McGraw, deputy director of the Department of Health and Human Services’ Office for Civil Rights has announced that the department’s plans for initiating onsite audits is currently on hold and will remain so until more than 200 desk audits have been completed. An article over on Data Breach Today gives us great detail on...
HealthIT Security has a very good article on OCR HIPAA activities. A key message is that not all OCR complaints result in HIPAA violations OCR will continue to focus “its enforcement efforts and its resources” in areas of alleged non-compliance and “where corrective action under HIPAA may be the only remedy.” In terms of OCR...
Back in March, we reported that OCR had announced its Phase 2 Audit Program. When we last heard from OCR about Phase 2 HIPAA Audits, we saw that emails were being sent to Covered Entities and Business Associates. The purpose of the emails was to verify and expand the OCR HIPAA audit pool. We wrote...
© 2023 · HIPAA Secure Now!
Recent Comments