HIPAA HITETCH Compliance Blog Archive

The Blind Side of HITECH compliance; Business Associates

While covered entities are focused on their own HITECH compliance their business associates are their "Blind Side".

Continue reading…

ACR2 Solutions, Compliance Helper and Rebecca Herold announce strategic partnership

ACR2 Solutions performs risk analysis and when they discover enities needing policies and procedures they recommend the service developed by Compliance Helper and Rebecca Herold.

Continue reading…

What is Hiding on Your Copier: PHI?

Protected Health Information (PHI) is probably hiding on your copier without any protection.

Continue reading…

HIPAA HITECH and the Five Stages of Grief

The organizations affected by HIPAA and the HITECH Act are working their way through the five stages of grief; denial, anger, bargaining, depression, and finally, acceptance.

Continue reading…

HIPAA HITECH Breaches Posted by OCR

Breach happens and now when it doe the world knows.  OCR posting breaches on their website.  See who you know.

Continue reading…

HIPAA HITECH Compliance:Trust but Verify

How can a covered entity be "reasonably assured" that a business associate is compliant with HIPAA HITECH?  Trust but Verify.

Continue reading…

HIPAA HITECH "Indemnification and Assurance"

Law firm suggests that business associate agreements (BAA) be amended to strengthen indemnification and assurance that the business associate (BA) is in compliance with HIPAA HITECH.

Continue reading…

Covered Entities need Active program for managing business associates

In her February article in Compliance Today, Rebecca Herold states that covered entities must take an active role in managing the compliance of their business associates.  Hear her tomorrow on webinar https://www2.gotomeeting.com/register/207314795

Continue reading…

David Blumenthal Emphasizes Privacy and Security in HITECH Act

As healthcare ponders "meaningful use" they need to also remember "willful neglect".  David Blumenthal, in his New England Journalof Medicine, emphasized protecting privacy and security as a key factor in the HITECH Act.

Continue reading…

HITECH Act Webinar February 10th

At our HITECH Act Webinar on February 10th, Rebecca Herold, CISM, CISSP, CISA, CIPP, FLMI, one of the top privacy and information security experts, and Amy Leopard Esq, a leading healthcare  IT attorney, give you the complete picture of the HITECH Act, its impact, and what to do next.   Space is limited.  Reserve your Webinar seat now at: https://www2.gotomeeting.com/register/207314795
 

Continue reading…

HIPAA HITECH Compliance is an Ongoing Process

HIPAA HITECH compliance requires an ongoing process driven by policies and procedures which are the business rules by which you run your company.

Continue reading…

There's No Such Thing as a HITECH compliant tool.

ONC states that just because you have a certified EHR that does not necessarily mean that you have met the privacy and information security requirements of the HITECH Act.  Compliance is a process, not a tool.

Continue reading…

Hacker Attacks Against Healthcare Organizations Increase


Hacker Attacks Targeting Healthcare Organizations Doubled in the 4th Quarter of 2009 According to SecureWorks' Data
ATLANTA, Jan. 26 /PRNewswire/ -- SecureWorks®, Inc., a leading global provider of information security services protecting 2,700 clients worldwide, reported today that attempted hacker attacks launched at its healthcare clients doubled in the fourth quarter of 2009. Attempted attacks increased from an average of 6,500 per healthcare client per day in the first nine months of 2009 to an average of 13,400 per client per day in the last three months of 2009. Attempted attacks against other types of organizations, protected by SecureWorks, did not increase in the fourth quarter.
 

Continue reading…

HITECH Pain for Small Business Associate

A letter to a congressman complaining about the impact of HITECH on small business associates.

Continue reading…

90 % Not Ready For HIPAA HITECH

Ponemon Institute survey states 90% of healthcare organizations not ready for HIPAA HITECH which goes into effect February 18, 2010.

Continue reading…

HIPAA HITECH for Insurance Brokers

A Webinar on January 28th at 11:00 AM PST, “HIPAA/Hitech Compliance for Benefits Brokers and Consultants” , cosponsored by The Industry Radar, ZIX Corp, and Compliance Helper.

Continue reading…

HIPAA HITECH Compliance Meter(tm)

The HIPAA HITECH Compliance Meter(tm) is getting noticed in the marketplace as more and more covered entities realize that they need to have a real time window into the compliance level of their business associates.

Continue reading…

It's Not The Size That Counts - HIPAA Security Breach

"It's Not The Size That Counts"

Continue reading…

Son of HIPAA

David Harlow has an excellent blog about the Connecticut AG suing Healthnet, his admonition:Don't be the "Son of HIPAA".

Continue reading…

HIPAA HITECH and Willful Neglect

I would define willful neglect in the case of the HITECH Act as; sending an amended business associate agreement stating that the business associate should "be careful" and then assuming you are covered.  As an old boss once told me, never assume because that merely makes an ass of u and me.

Continue reading…