FierceEMR posted a story on how some providers are attesting to meaningful use measures but are actually not addressing all of the required measures. Specifically some providers are stating that they have performed a meaningful use risk assessment on how patient data is being protected but have not actually performed the risk assessment. The article...
The Department of Health and Human Services (HHS) announced that they have awarded a $9.2 million contract to the consulting firm KPMG. KPMG will develop the process and perform HIPAA audits. There will be an estimated 150 onsite audits by the end of 2012. The audits are a requirement under the HITECH act and have...
One of the most important aspects of complying with the HIPAA Security Rule is to perform a risk assessment to evaluate how an organization is protecting patient data. The results of the risk assessment provide a playbook for how additional protections can lower the risk to patient information. Let’s take a closer look at the...
Health Info Security has published the transcript from an interview with Susan McAndrew of the Department of Health and Human Services’ Office for Civil Rights. The article is very good and should be read in its entirety. Below are some of the key points. When asked if business associates as well as covered entities will...
Susan McAndrew, deputy director of The HHS Office of Civil Rights (OCR) gives a very insightful interview to Howard Anderson, Executive Editor, HealthcareInfoSecurity.com. There are a lot of good points and I suggest reading the whole interview. I will point out a few of the highlights. When asked about who will be audited, McAndrew was...
In a previous post I discussed the risk of having patient information on smartphones. I ended the post with stating that a HIPAA Risk Assessment can help reveal where security measures are needed. Let’s look at that a little more in depth. Many people are confused as to what a HIPAA Risk Assessment is. Here...
The problem with HIPAA compliance and security in general is that there are so many products and services on the market, how does one decide which are the right ones? Let’s not discuss a HIPAA security service (although we hope you choose HIPAA Secure Now!) but let’s look at after you have taken the first...
I had a conversation with a group of physicians a couple weeks ago that shed some interesting light on where patient information resides and how to protect it. Each of the 5 physicians had a smartphone of various manufacturers. Two had iPhones, two had Android phones and one had a Blackberry phone. I asked the...
To be successfully in any business you need a few basic elements. Two of the elements include; customers that value your service and are willing to purchase your services. Secondly, you also need to eliminate or reduce liabilities that can damage or hurt your business. Implementing HIPAA security can help your business The first element...
There is a great post over at Infosec Island regarding a letter that was received from the Office of Civil Rights (OCR) after a data breach that occurred at a small medical practice. The breach was the result of a burglary. No details were given on what was stolen or what kind of patient information...
© 2025 · HIPAA Secure Now!
Recent Comments