HIPAA HITETCH Compliance Blog Archive

HIPAA HITECH Breaches Posted by OCR

Breach happens and now when it doe the world knows.  OCR posting breaches on their website.  See who you know.

Continue reading…

HIPAA HITECH Compliance:Trust but Verify

How can a covered entity be "reasonably assured" that a business associate is compliant with HIPAA HITECH?  Trust but Verify.

Continue reading…

HIPAA HITECH "Indemnification and Assurance"

Law firm suggests that business associate agreements (BAA) be amended to strengthen indemnification and assurance that the business associate (BA) is in compliance with HIPAA HITECH.

Continue reading…

Covered Entities need Active program for managing business associates

In her February article in Compliance Today, Rebecca Herold states that covered entities must take an active role in managing the compliance of their business associates.  Hear her tomorrow on webinar https://www2.gotomeeting.com/register/207314795

Continue reading…

David Blumenthal Emphasizes Privacy and Security in HITECH Act

As healthcare ponders "meaningful use" they need to also remember "willful neglect".  David Blumenthal, in his New England Journalof Medicine, emphasized protecting privacy and security as a key factor in the HITECH Act.

Continue reading…

HITECH Act Webinar February 10th

At our HITECH Act Webinar on February 10th, Rebecca Herold, CISM, CISSP, CISA, CIPP, FLMI, one of the top privacy and information security experts, and Amy Leopard Esq, a leading healthcare  IT attorney, give you the complete picture of the HITECH Act, its impact, and what to do next.   Space is limited.  Reserve your Webinar seat now at: https://www2.gotomeeting.com/register/207314795
 

Continue reading…

HIPAA HITECH Compliance is an Ongoing Process

HIPAA HITECH compliance requires an ongoing process driven by policies and procedures which are the business rules by which you run your company.

Continue reading…

There's No Such Thing as a HITECH compliant tool.

ONC states that just because you have a certified EHR that does not necessarily mean that you have met the privacy and information security requirements of the HITECH Act.  Compliance is a process, not a tool.

Continue reading…

Hacker Attacks Against Healthcare Organizations Increase


Hacker Attacks Targeting Healthcare Organizations Doubled in the 4th Quarter of 2009 According to SecureWorks' Data
ATLANTA, Jan. 26 /PRNewswire/ -- SecureWorks®, Inc., a leading global provider of information security services protecting 2,700 clients worldwide, reported today that attempted hacker attacks launched at its healthcare clients doubled in the fourth quarter of 2009. Attempted attacks increased from an average of 6,500 per healthcare client per day in the first nine months of 2009 to an average of 13,400 per client per day in the last three months of 2009. Attempted attacks against other types of organizations, protected by SecureWorks, did not increase in the fourth quarter.
 

Continue reading…

HITECH Pain for Small Business Associate

A letter to a congressman complaining about the impact of HITECH on small business associates.

Continue reading…

90 % Not Ready For HIPAA HITECH

Ponemon Institute survey states 90% of healthcare organizations not ready for HIPAA HITECH which goes into effect February 18, 2010.

Continue reading…

HIPAA HITECH for Insurance Brokers

A Webinar on January 28th at 11:00 AM PST, “HIPAA/Hitech Compliance for Benefits Brokers and Consultants” , cosponsored by The Industry Radar, ZIX Corp, and Compliance Helper.

Continue reading…

HIPAA HITECH Compliance Meter(tm)

The HIPAA HITECH Compliance Meter(tm) is getting noticed in the marketplace as more and more covered entities realize that they need to have a real time window into the compliance level of their business associates.

Continue reading…

It's Not The Size That Counts - HIPAA Security Breach

"It's Not The Size That Counts"

Continue reading…

Son of HIPAA

David Harlow has an excellent blog about the Connecticut AG suing Healthnet, his admonition:Don't be the "Son of HIPAA".

Continue reading…

HIPAA HITECH and Willful Neglect

I would define willful neglect in the case of the HITECH Act as; sending an amended business associate agreement stating that the business associate should "be careful" and then assuming you are covered.  As an old boss once told me, never assume because that merely makes an ass of u and me.

Continue reading…

HIMSS Survey HIPAA HITECH

The HIMSS Survey indicated that hospitals are going to take a more proactive role in managing their business associates.

Continue reading…

HIPAA HITECH Breach Notification

“Breaches on average cost an organization $4.1 million or $197 per record breached.”
-- Source: Javelin Research
“Data Breach Defense 2009”
January 2009

Despite your best efforts the chance of a breach is relatively high.  So you should have a breach notification plan which should include outsourcing to a company focused on that service.

Continue reading…

Rebecca Herold Amoung Top 5 Privacy Writers on HIPAA HITECH

Top 5 Intriguing Risk Articles of 2009
by Karen Coburn, President & CEO, Cutter Consortium
This week, we're taking a look back at the five most intriguing articles published in Cutter's Enterprise Risk Management & Governance practice over this past year.

Continue reading…

HIPAA HITECH Compliance and Blind Men

Seven different groups describing HIPAA HITECH is like Seven Blind men describing an elephant.

Continue reading…