HIPAA Blog Posts: HIPAA Covered Entity

Data Breach in October 2009 Caused by Third Party Vendor States Anthem Blue Cross on June 25, 2010

"Anthem officials said its corporate website had been revamped in October by a third-party vendor that, according to the health insurer, failed to secure sections of the site to ensure visitors couldn't access members' medical records and Social Security numbers." from a blog by Larry Barrett to eplanetsecurity, June 25, 2010

  •  

Continue reading…

Business Associate (BA) Causes HIPAA HITECH Breach of Over 200,000 at Anthem Blue Cross

As we have been saying for months your business associates (BA) represent the highest risk to your PHI and just having a BA agreement in place isn't going to protect you in the event of a breach.

Continue reading…

HIPAA HITECH Breach Prevention on Hold, Breach Notification in Force, Does this Make Sense?

In the same announcement that stated that enforcement of HIPAA HITECH and particularly sections relating to business associate liablity were delayed, it was announced that breach notification was being enforced.  Isn't this the cart before the horse?

Continue reading…

HIPAA-related HITECH regulations on July 8, "Lucy" and the football redux.

Lucy is telling all of us Charlie Browns that the HITECH regulations will be delivered by July 8th, hah! 

Continue reading…

Data Breach of 200,000 by Anthem Blue Cross

Another entrant on OCR's  Wall of Shame as Anthem Blue Cross of Orange County California breaches 200,000 records.

Continue reading…

Overlooked “Business Associates” Under the HITECH Act

Continue reading…

HIPAA HITECH Regulations on June 26th, Rumor Says

HIPAA HITECH regulations to be released on June 26th. Another trial ballon or is this the real thing this time? 

Continue reading…

OCR to Focus on Risk Mitigation, Who's In Charge?

Who is in charge of risk mitigation is an important question to ask, as the operators of the Deepwater Horizon found out.

Continue reading…

Business Associates Waiting for HIPAA HITECH Clarification from HHS

Business Associates are avoiding HIPAA HITECH compliance due to HHS announcing "delay in enforcement".

Continue reading…

Proactive HIPAA HITECH Audits Coming Soon to Your Neighborhood

In the past HIPAA audits have been reactive or truthfully unactive, but OCR says they will be contracting for proactive audits by the end of the year.

Continue reading…