The Provider Third Party Risk Management Council, made of a consortium of leading hospitals, introduced a new approach to third-party risk management. How can you better serve them? The solution is simple – any vendor of a certain size who wishes to do business with one the member hospitals must successfully complete – and annually maintain — a certification using the HITRUST CSF. Member hospitals will accept a HITRUST certification as evidence of a robust security program. No questionnaires or further dialog is necessary.Read More
This archive includes a variety of HIPAA topics including best practices for compliance, techniques for staff training, expert interpretations of the requirements and other topics.
Eagle works with clients in healthcare and healthcare business associates to ensure HIPAA Security compliance. We provide a set of policy templates for a variety of business associate types including Cloud Vendors, Third Party Administrators, and Information Technology companies.
2 Kansas Department for Aging and Disability Services employees were terminated after sending an email containing PHI of 11,000 individuals to improper recipients.Read More
A key reason for risk analysis failure during an audit by the HHS Office for Civil Rights is mistaking a technical or non-technical evaluation for a risk analysis.Read More
Partners issued a press release stating that it would begin notifying patients whose information was at risk after a malware attack in May 2017. An outside forensics team determined that sensitive data for approximately 2,600 patients was vulnerable.Read More