HIPAA Security Risk Analysis
The HIPAA Security Risk Analysis, also known as a security risk assessment, is a fundamental process required by the HIPAA Security Rule. Health care providers, payers, clearinghouses and Business Associates are all required to conduct a HIPAA SRA. A limited-scope SRA is also required by the Meaningful Use (Advancing Care Information) program. For Meaningful Use, the SRA is required on an annual basis.
by Gary Pritts | Apr 25, 2014 | HIPAA
Covered entities and business associates who need to comply with HIPAA encryption standards first have some high-level planning which is addressed in the post Encrypting Mobile Devices – First Create a Plan. Many organizations will choose to use... Read More
by Gary Pritts | Apr 24, 2014 | HIPAA
The recent enforcement actions against Concentra Health Services and QCA Health Plan, Inc. are two more messages to HIPAA covered entities (and business associates!) to encrypt their PHI. For most organizations, encrypting mobile devices is usually the first priority... Read More
by Gary Pritts | Apr 23, 2014 | HIPAA
Stolen laptops have led to major HIPAA enforcement actions, announced yesterday, for two more covered entities. Concentra Health Services (Concentra) and QCA Health Plan, Inc. of Arkansas have paid the HHS Office for Civil Rights (OCR) $1,975,220 collectively to... Read More
by Gary Pritts | Mar 25, 2014 | HIPAA
In just under 3 weeks, Microsoft will end the Windows XP era ending support for both Windows XP and Microsoft Office 2003 on April 8, 2014. Most Microsoft products have a life cycle of about a decade, but these two products have been around longer. What prompted the... Read More
by Gary Pritts | Mar 14, 2014 | HIPAA
At HIMSS 2014, James Robnet, IRS Special Agent in charge of the IRS Tampa, FL field office, presented an update regarding IRS tax fraud and how fraudsters present data breach risks to hospitals, physicians and other health providers. When conducting a meaningful use... Read More
