HIPAA HITECH Compliance News

NIST CSF Risk Assessment Cycle

The NIST Framework works best when linked with NIST Policies and a cycle of reviewing and updating policies to match changes in the organization.  We call this the Cycle of Compliance.

Continue reading…

Your HIPAA Policies are Out of Date

HIPAA policies need to be built on a Cyber Security Framework (CSF) to be valid.  Old policies written by consultants, lawyers, in-house IT, or bought off the internet do not meet the new CSF standards.

Continue reading…

Jumpstart the NIST Framework

The NIST Framework is the gold standard of HIPAA compliance and Jumpstart can get you up and running in 72 hours at a very low cost.

Continue reading…

Lack of Risk Assessments Could Cost $729 Million

Audit Finds Millions Paid Inappropriately Due to Lack of a Risk Assessment.  Under the HITECH Act meaningful use incentive program, conducting a security risk assessment of protected health information "created or maintained by the certified EHR technology through the implementation of appropriate technical capabilities" is a core requirement.

Continue reading…

Ransomware Attack is a HIPAA Breach

Ransomware Attack is a HIPAA Breach

A ransomware attack can trigger a series of bad events leading to a huge HIPAA fine.  The slippery slope: Ransomware attack is a HIPAA breach, which when reported triggers an audit, that discovers a lack of an up to date risk assessment, which leads to a fine for willful neglect.

Continue reading…

Older Posts


Categories