HIPAA Blog Posts: HIPAA HITECH Act
ONC states that having a certified EHR does not necessarily mean that you have met the privacy and information security requirements of the HITECH Act. Compliance is a process, not a tool.
A Ponemon Institute survey states that 90% of healthcare organizations are not ready for HIPAA HITECH, which goes into effect February 18, 2010.
A webinar on January 28th at 11:00 AM PST, “HIPAA/Hitech Compliance for Benefits Brokers and Consultants”, cosponsored by The Industry Radar, ZIX Corp, and Compliance Helper.
The HIPAA HITECH Compliance Meter(tm) is getting noticed in the marketplace as more and more covered entities realize that they need to have a real-time window into the compliance level of their business associates.
David Harlow has an excellent blog about the Connecticut AG suing Healthnet. His admonition: Don't be the "Son of HIPAA".
I would define willful neglect in the case of the HITECH Act as sending an amended business associate agreement stating that the business associate should "be careful" and then assuming you are covered. As an old boss once told me, never assume, because that merely makes an ass of u and me.
The HIMSS Survey indicated that hospitals are going to take a more proactive role in managing their business associates.
“Breaches on average cost an organization $4.1 million or $197 per record breached.”
-- Source: Javelin Research
“Data Breach Defense 2009”
Despite your best efforts, the chance of a breach is relatively high, so you should have a breach notification plan, which should include outsourcing to a company focused on that service.
Top 5 Intriguing Risk Articles of 2009
by Karen Coburn, President & CEO, Cutter Consortium
This week, we're taking a look back at the five most intriguing articles published in Cutter's Enterprise Risk Management & Governance practice over this past year.