HIPAA Blog Posts: HIPAA Compliance Online Software
HIPAA policies need to be built on a Cyber Security Framework (CSF) to be valid. Old policies written by consultants, lawyers, in-house IT, or bought off the internet do not meet the new CSF standards.
Willful neglect of HIPAA compliance has caused companies to go bankrupt. How would you handle a six-figure penalty from OCR?
Leaving 31,800 patient records open and accessible on the Internet cost St Josephs Hospital a $7.5 million settlement of a class action suit and a $2.145 million fine from OCR. Quarterly risk assessments might have revealed the problem sooner or prevented it from happening at all.
A quarterly risk assessment showing progress on compliance is your best HIPAA certification. Progress, not perfection, is what HHS and OCR seek, and a quarterly risk assessment is the best certification of progress.
Combining sophisticated Internet tools with experienced consultants can deliver a HIPAA risk assessment based on the NIST protocol quickly and at a reasonable cost.
"Automated HIPAA Risk Assessment"
Thu, Jun 9, 2016 12:00 PM - 1:00 PM PDT
1. Click the link to join the webinar at the specified time and date:
Demonstrating progress is the key to HIPAA compliance. Periodic HIPAA risk assessments that meet the NIST protocol are the proof.
HHS has repeatedly stated that there is no authorized certification process for HIPAA compliance, but companies still make the claim. Beware of the FTC because they are fining companies that advertise false HIPAA compliance capabilities.
Which is more efficient and cost-effective: having a HIPAA consultant come to your site (house call) or connecting with them through the Internet (telemedicine)?
In another example of hackers targeting PHI, Baltimore-based CareFirst BlueCross BlueShield disclosed on May 20 that an "unauthorized intrusion" into a database dating back to June 2014 resulted in a breach affecting 1.1 million individuals.