One of the requirements of the HIPAA Security Rule is to audit access to Protected Health Information (PHI). Auditing is the recording of access to PHI. It usually includes: who accessed PHI, when was PHI accessed and what PHI was accessed? Many EHRs and all certified EHRs for Meaningful Use have the ability to audit...
The HIPAA Omnibus Final Rule brings a significant change to the HIPAA/HITECH Breach Notification Rule. Prior to the HIPAA Omnibus Rule, organizations were required to perform a risk assessment to determine if there was likely harm to a patient resulting from a privacy breach. Determining if the breach resulted in harm was referred to as...
Pilot Program Last year the Department of Health and Human Services’ Office for Civil Rights (OCR), which enforces HIPAA, conducted 115 HIPAA compliance audits. The program is being looked at as a pilot project that will eventually be used to put in place a permanent audit program. According to a HealthcareInfoSecurity interview with OCR’s Susan...
Risk of owning a car If you take a step back and think of the risks of owning a car I think you would be shocked. Cars have associated risks that could significantly impact you and your family. Some of the risks include: The risk of being hurt or killed in a car accident The...
There is a very good article over at HealthData Management called Want to Impress OCR During a HIPAA Audit? Write a Book The author discusses the benefits of creating a “Book of Evidence” that your organization is in HIPAA compliance if you were to get audited by the HHS Office of Civil Rights (OCR). Creating...
We know you know about HIPAA security. HIPAA breaches are in the news on a weekly basis. The new HIPAA Omnibus Rule has been finalized and there is a lot of buzz about it. So the question is why haven’t you gotten serious about HIPAA security? We think we know some of the reasons. ...
Dr. Farzad Mostashari, the National Coordinator for Health Information Technology at the U.S. Department of Health and Human Services, participated in an excellent interview. He gave insight into: EHR technologies Where the Meaningful Use program is headed EHR interoperability The future of Regional Extension Centers It was a very good interview and I urge everyone to read...
In a very interesting article titled Why Gang Members Want Your Identity Fox Business News reporter Kate Rogers examines a disturbing trend of stealing electronic patient records and using them to commit crimes. Gang members are stealing patient records and using them to file false tax returns. Detective Craig Catlin of the North Miami Beach...
Two recent articles shed some needed light on the risk of Cybercrime to small businesses including medical practices. Most Small Businesses Don’t Recover From Cybercrime The first article from the Wall Street Journal titled Most Small Businesses Don’t Recover From Cybercrime examines how many small businesses suffer from cyberattacks and the consequences of those attacks....
I came across an article on HIStalk Practice that describes exactly what happens when a laptop containing patient information is stolen from an employee’s car. The stolen laptop cost the company around $300,000. An analysis and breakdown of the costs are provided in the article. A few things to note about the article: The article...
© 2026 · HIPAA Secure Now!
Recent Comments