HIPAA Blog Posts: HIPAA Covered Entity

HIPAA HITECH Compliance for BAs and Sub-Contractors

Business Associates (BA) and Sub-Contractors (Subs) have a new challenge; becoming HIPAA HITECH compliant, staying compliant, and proving compliance.

Continue reading…

Enterprise Wide Privacy and Information Security Management (HIPAA HITECH)

New technology and methodology combined with decades of compliance experience have come together in the Master Program, designed  to deliver a cost effective and efficient method of managing hundreds of healthcare entities as they seek to get HIPAA HITECH compliant, stay compliant, and prove compliance.

Continue reading…

HIPAA HITECH "Final Rule" in March 2011

Part II: Regulatory Information Service Center: Introduction to The Regulatory Plan and the Unified Agenda of Federal Regulatory and Deregulatory Actions.” According to this official document, the HHS will issue the final rule in March of 2011." Rebecca Herold

Continue reading…

Looking ahead on HIPAA enforcement,Wiley Rein LLP, Kirk J. Nahra

In summary, while the HITECH enforcement era has been slow to emerge, we can expect at least a modest uptick in 2011, particularly when the final HITECH rules take effect. In addition, we may see enforcement steps-potentially with higher penalties or other consequences-by both relevant state agencies and the FTC.

Continue reading…

Insurance For HIPAA HITECH Breach?

"Whether a breach results from human error (a typical cause for breach) or from organized or individual cyber crime such as hacking and stolen laptops (a less typical, but increasing risk), insurance companies such as Chartis, Beazley, and Hiscox are willing to underwrite certain computer security risks and cover specified losses that may be incurred by an insured from a PHI security breach."

Continue reading…

New HIPAA HITECH Solution: The Compliance Master Program Manages an Entire Enterprise

With the release of the Master Program, Compliance Helper now has HIPAA HITECH solutions for the largest covered entities and business associates, as well as the smallest Sub-Contractor.

Continue reading…

HIPAA: the new enforcement culture, Ober Kaler, James B. Wieland

"However, as the health care system moves inexorably towards electronic health records — and as more and more protected health information is stored and moved in electronic form — all covered entities should be paying attention to the security of their information systems, because the culture of HIPAA compliance is changing."  

Continue reading…

Automatic fines: HITECH, HIPAA and willful neglect the importance of policies and procedures,Dickinson Wright PLLC, Craig A. Phillips and Tatiana Melnik

"Business associates. The HITECH Act expanded the scope and application of HIPAA to directly apply several of HIPAA’s security and privacy requirements to business associates. Among other provisions, this expansion includes the Policies and Procedures and Documentation Requirements outlined in 45 CFR § 164.316, which requires organizations to “[i]mplement reasonable and appropriate policies and procedures to comply with the standards, implementation specifications, or other requirements” of the Security Rule."

Continue reading…

"Periodic Audits" Included in HIPAA HITECH Final Rule

Additionally, OCR, developing a HITECH Act required "periodic audit" plan, which will be targeted to ensure that covered entities and business associates comply with the requirements of the Privacy and Security Rules.    

Continue reading…

HIPAA HITECH "Satisfactory Assurances": The Compliance Meter (tm)

§ 164.308 Administrative safeguards.
(b)(1) Standard: Business associate contracts and other arrangements. A covered entity, in accordance with §164.306, may permit a business associate to create, receive, maintain, or transmit electronic protected health information on the covered entity's behalf only if the covered entity obtains satisfactory assurances, in accordance with §164.314(a) that the business associate will appropriately safeguard the information.

Continue reading…