HIPAA Blog Posts: HIPAA Covered Entity
This free webinarwill show how to manage a comprehensive privacy and information security program for a large covered entity, cost effectively and efficiently. The Master Program uses a cloud computing model to deliver the effect of an on-site consultant at a fraction of the cost. The Compliance Meter (tm) allows a central office to monitor hundreds of business units remotely. Register here:
You are not a dummy but HIPAA HITECH compliance has created some new challenges. How to get compliant, how to stay compliant, how to prove compliance, how to get "satisfactory assurances" that your business partners are compliant? These are all subjects that will be addressed in a series of "How To" webinars. The first group will be on April 13, 20, 27, and May 4th at 8:00 AM PDT. Go to www.compliancehelper.com for registration information.
Rebecca Herold was recently quoted in an article about the Health Net breach but I thought her full comments should be read. Here is her blog:http://privacyguidance.com/blog/2011/04/06/health-net-incident-impacting-1-9-million-lessons-learned/
HIPAA Enforcement on the Rise: Do You Know Who Your Business Associates Are? Steven Bentfield Posted by Cynthia Larose on March 28, 2011
"These are just a few observations and recommendations in light of stepped-up HIPAA enforcement. Covered entities and business associates should take additional proactive steps to ensure that they are prepared if and when the unthinkable (dare to say inevitable?) occurs. These include reviewing and updating current HIPAA policies and practices, providing ongoing workforce HIPAA training, monitoring overall HIPAA compliance, and tracking the latest developments with HIPAA regulations and federal and state enforcement activities."
According to news reports up to 9 servers are missing from an IBM facility with over 1.9 million patient files belonging to Health Net. This breaks Health Net's old record of 1.4 million lost in Connecticut.
In a written justification of its 2012 budget request, the Office for Civil Rights reports that as of September 30, 2010, it had received 9,109 reports of breaches affecting fewer than 500 individuals. That represents one complete year of reports—an average of 25 reports per day.
On March 23, 2011 at 8:00 am PST Compliance Helper and Rebecca Herold and Associates will present their unique cloud computing model for helping healthcare organizations manage compliance for their own enterprise as well as managing their Business Associates (BA). This program covers not only HIPAA HITECH but all aspects of privacy and information security efficiently and cost effectively. This is truly a disruptive innovation for healthcare compliance.
HIPAA HITECH compliance is an ongoing process which requires an innovative approach to providing proof of compliance. The Compliance Meter (tm) provides a real-time indicator of the level of compliance by displaying the four critical areas of compliance; tasks completed, policies approved, procedures approved, and forms approved. The Compliance Meter (tm) is a widget that may be displayed on your own website or deployed to business partners, providing complete transparency.
Knock Knock. That could be OMIG at your door for an unannounced visit -- not to audit your facility or clinic’s claims or cost reports, but to assess your compliance program. OMIG has made such visits to speak with the compliance officer, to review the compliance plans, and to see evidence of the provider’s certification. Accordingly, facilities should be prepared to respond to unannounced visits from OMIG inquiring about the organization’s compliance structure and practices.
Health care insurance and services company Health Net agreed to pay a $375,000 fine to resolve an enforcement action by the Connecticut Department of Insurance regarding a 2009 data breach.