HIPAA Security Risk Analysis
The HIPAA Security Risk Analysis, also known as a security risk assessment, is a fundamental process required by the HIPAA Security Rule. Health care providers, payers, clearinghouses and Business Associates are all required to conduct a HIPAA SRA. A limited-scope SRA is also required by the Meaningful Use (Advancing Care Information) program. For Meaningful Use, the SRA is required on an annual basis.
by Gary Pritts | Jul 2, 2014 | HIPAA
HHS Report of Breaches, 2011-2012, Part #1 The U.S. Department of Health and Human Services (HHS) submitted their Annual Report to Congress on Breaches of Unsecured Protected Health Information (PHI), for the calendar years 2011-2012. Theft and loss of computing... Read More
by Gary Pritts | Jun 18, 2014 | HIPAA
The HHS Office for Civil Rights (OCR) has shared information about Phase 2 of its HIPAA Audit Program – including the timing, focus and approach of these audits. Rebecca Williams, RN, JD of Partner at Davis Wright Tremaine offered insights and tips for health care... Read More
by Gary Pritts | May 22, 2014 | HIPAA
Incidents of lost and stolen assets are amount the most common causes of data loss or exposure, as reported by data breach incidents analyzed in Verizon’s 2014 Data Breach Investigations Report. This recent study collected data on over 63,000 confirmed security... Read More
by Gary Pritts | May 20, 2014 | HIPAA
A tax fraud gang appears to be targeting a large number of healthcare and senior living organizations that all use the same vendor for payroll and HR services. KrebsOnSecurity previously covered this gang’s criminal activity in April, when they encountered a... Read More
by Gary Pritts | May 19, 2014 | HIPAA
On February 11, 2014, Centura Health, the nonprofit umbrella that owns Mercy Regional Medical Center in Durango, Colorado, experienced a phishing attack on employees that resulted in a breach of privacy that left the personal information of about 1,000 patients... Read More
