Health IT, HIPAA, and the CMS Incentive Programs Blog
For physicians, hospitals, government agencies, and business associatesRodriguez of OCR discusses HIPAA Enforcement, other topics
Leon Rodriguez, Director of the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services, celebrated September 23, 2013, the first day for enforcement of the HIPAA Omnibus Rule, by addressing the HIMSS Health Privacy Forum in Boston. Rodriguez...
Risk Reduction with Email Breach Notification
HIPAA Covered entities across the country are updating their policies in advance of the September 23, 2013 compliance deadline for the HIPAA Omnibus rule changes. Covered entities – hospitals, physician practices and other providers – can reduce their risks with a...
OCR Releases attractive Notices of Privacy Practices
Yesterday the Department of Health and Human Services Office of Civil Rights (OCR), the agency responsible for enforcing the HIPAA regulations, released model notices of privacy practices. Eight versions were released, 4 for health providers and 4 for insurers. These...
Computer Security Risk Analysis – Medical Identity Theft
Medical Identity Theft is on the rise according to the latest Ponemon Institute research released yesterday. Ponemon estimates that 1.8 million people, just under 1% (0.8%) of U.S. adults, were affected in 2013, a 19% increase over 2012. Based on survey data from...
Meaningful Use Audits
The meaningful use audits are in full swing and both hospitals and physicians are being audited. For most hospital or physician practice that retained careful documentation prior to submission, these audits are relatively painless. Unfortunately, some organizations,...
Is your Cloud Backup Company a HIPAA Business Associate?
More and more organizations are using cloud providers for computer backup. Internet upload speeds have increased, and the technology of cloud providers to provide incremental backup has become more sophisticated. And, very importantly, using cloud backup provides the...
County Boards – Review HIPAA Compliance for your Non-Profit
We all know that new HIPAA regulations – with a compliance deadline of September 23, 2013 – affect all of Ohio's County Boards of Developmental Disability. Hopefully, policy development and other compliance activity is well underway. In most cases, the affiliated...
Compliance is not Security
HIPAA requires covered entities – and now business associates – to comply with the HIPAA Security Rule. However, compliance with these requirements is not the same as effective security. This fact can be illustrated in the case of business associates offering...
