You’ve likely heard of a risk analysis. Hopefully, you’ve also performed one for your organization. Whether you’ve been helping your organization work on its HIPAA compliance for years, or you’re new to the world of HIPAA, performing a risk analysis should be a high-priority item on your business’s to-do list. Let’s start with the basics....
HIPAA Requirement While it is required within HIPAA rules and regulations to complete a risk assessment regularly, the question may still be in your mind regarding WHY you have to do this. The legal ramifications are obvious. If audited, you’ll have to show a risk assessment as part of your HIPAA compliance program. And remember,...
As the digital ecosystem continues to thrive and advance, so too must the regulations and practices for safely caring for sensitive data. That is especially true for the healthcare industry, which continues to be a prime target for cybercriminals. Healthcare practices need to appropriately safeguard electronic protected health information in compliance with the Health Insurance...
As we move into the second half of the year, many practices and physicians are starting to consider the data they will need to submit under the MACRA/MIPS program. The MACRA/MIPS rules change slightly every year, and this year is no exception. Even though the rules have been adjusted, a basic requirement remains in place: ...
April 2018 OCR Cyber Security Newsletter Risk Analyses vs. Gap Analyses – What is the difference? The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security and Breach Notification Rules require covered entities and their business associates to safeguard electronic protected health information (ePHI) through reasonable and appropriate security measures. One of these measures required...
While mobile devices play a major role in how we stay connected to the world in our personal lives, they are also becoming increasingly popular in our work environments. Not only are mobile devices such as smartphones, tablets and laptops convenient in the workplace, but they can also help increase productivity. In its October cybersecurity...
A recent survey conducted by Netwrix found that although healthcare organizations understand the importance of protecting patient information, they often fall short on improving their security measures. An article on PR Newswire explores the findings of the Netwrix survey. The survey included responses from IT professionals across various industries, including healthcare. Where are healthcare organizations...
George DeCesare, Chief Technology Risk Officer for Kaiser Permanente, met with the Health and Human Services Department as well as other security experts and came away with some shocking truth. An article on Healthcare IT News provides some great insight on why falling below the cybersecurity poverty line could be detrimental to health organizations. Seventy-five...
Congress may be poised to roll back the Affordable Care Act, but HIPAA and MACRA, the Center for Medicare & Medicaid’s (CMS) new model for reimbursements, are as certain to remain as death and taxes. Moreover, MACRA and HIPAA go hand in hand. Physicians cannot participate in MACRA, which went into effect on January 1,...
In the January, 2017 edition of the OCR Cyber Newsletter (PDF), OCR gives guidance to what is required from Covered Entities and Business Associate regarding auditing / monitoring of access to PHI. Covered Entities and Business Associates should make sure that they appropriately review and secure audit trails, and they use the proper tools to...
© 2021 · HIPAA Secure Now!
Recent Comments