by Gary Pritts | Feb 17, 2012 | HIPAA
Adam Greene, JD, MPH, a former regulator in HHS, recently shared details about the random audit program begun by the HHS Office of Civil Rights (OCR). The audit targets are selected using stratified random samples based on a database of covered entities created by OCR...
by Gary Pritts | Jan 15, 2012 | HIPAA
An industry-standard feature on wireless routers marketed to consumers and small businesses, Wi Fi Protected Setup (WPS), is vulnerable to a simple “brute force” attack. Free tools are already available to gain access to these routers. Making matters...
by Gary Pritts | Dec 14, 2011 | HIPAA
EHR Authors and Value Added Resellers (VARs) will soon have their own HIPAA obligations. At present, EHR Authors and VARs are contractually obligated by the terms of any HIPAA Business Associate Agreements (BAAs) they have signed. Soon, EHR Authors and VARs (and all...
by Gary Pritts | Dec 7, 2011 | HIPAA
Facebook, and other Social Media including Twitter, Google+, LinkedIn, and others are a reality of mainstream society. Employers in general, including HIPAA covered entities, are grappling with this new reality. On the one hand, social media have been proven to be a...
by Gary Pritts | Dec 6, 2011 | HIPAA
The Joint Commission (JCAHO) weighed in recently regarding the issue of physicians using text messages to transmit orders. They didn’t explicitly state that their opinion was related to the HIPAA regulations, but we infer that HIPAA was part of the thought...
by Gary Pritts | Nov 18, 2011 | HIPAA
The Department of Health and Human Services Office of the Inspector General, the agency’s watchdog, has released its annual work plan. It is 117 pages specify hundreds of work items reviewing every nook and cranny of the health system. Medicare and Medicaid...
by Gary Pritts | Nov 9, 2011 | HIPAA
The random HIPAA compliance audits mandated under the HITECH Act will begin this month. Yesterday, the HHS Office of Civil Rights (OCR) announced that every covered entity and business associate is eligible for an audit. To guide future audit efforts, a wide range of...
by Gary Pritts | Sep 2, 2011 | HIPAA
Texas Governor Perry recently signed House Bill 300 — which further strengthens Texas medical privacy laws, which were already more stringent than HIPAA. To begin, HIPAA currently covers only providers, insurers, and clearinghouses — while Texas law...
by Gary Pritts | Aug 20, 2011 | HIPAA
On August 11, 2011, the HHS Office of Civil Rights, the agency responsible for enforcement of the HIPAA regulations, delivered its first annual report on HIPAA Compliance and Enforcement to Congress. OCR shed a little light on the subject of random compliance audits...
by Gary Pritts | Jul 20, 2011 | HIPAA
In May 2011 The HHS Office of the Inspector General (OIG) published their findings regarding CMS’s oversight and enforcement of the HIPAA Security Rule. The findings state that the oversight and enforcement actions “were not sufficient” to insure...
