News & Analysis as of

Hacking Your Health: For Healthcare Providers, Risk Analysis Must Be Ongoing

Healthcare providers would be wise to keep in mind that if a patient is harmed by a hacked medical device, Exhibit A in the negligence suit against them may be that provider’s risk analysis, or lack thereof....more

Plan for the Worst, Hope for the Best: Why You Must Have a HIPAA Risk Assessment

When the Office for Civil Rights (“OCR”) auditor drops by your health facility to ensure that you are complying with HIPAA, one thing is for certain: he will be asking to see your Risk Assessment. Do you have one? Is it...more

Upcoming HIPAA Audits May Target Financial Institutions—Here’s How to Prepare

Much like a tornado watch, the conditions appear to be right for a coming storm: the upcoming Phase 2 HIPAA audits. The Department of Health and Human Services Office for Civil Rights (OCR) has begun verifying contact...more

Criminal Cyberattacks: The No. 1 Cause of Health Care Data Breaches in 2014

A new study released on May 7, 2015, by the Ponemon Institute revealed that criminal cyberattacks on health care organizations were the most prevalent cause of data breaches in 2014. The report underscores the need to think...more

Lessons Learned from Recent Data Security Breaches, Part Two

Because controlling access is essential to protecting privacy of PHI under HIPAA, the HITECH Security Rule essentially requires that a covered entity control physical and electronic access to the data system by implementing...more

Pressure Points: OCR Enforcement Activity in 2014

During 2014, the Office for Civil Rights (OCR) of the U.S. Department of Health & Human Services initiated six enforcement actions in response to security breaches reported by entities covered by the Health Insurance...more

How to Identify Hidden Risks in Big Data

T.S. Eliot wrote, “Only those who will risk going too far can possibly find out how far one can go.” While this may be an inspiring philosophy in many respects, it is a dangerous path for corporations that push the envelope...more

2015 Trends: #10 Cybersecurity: A Risk that Needs to be on Your Ethics and Compliance To-Do List

The starting point for every ethics and compliance program must always be an analysis of the ethics and compliance risks faced by the organization. In that light, it’s important to listen to James Comey, Director, U.S....more

Alert: Five Ways to Reduce Your HIPAA Liability

As of early December 2014, 1,170 security breaches under the Health Insurance Portability and Accountability Act (HIPAA) involving 31 million records had been reported to the U.S. Department of Health and Human Services (HHS)...more

Top Five Resolutions for Covered Entities and Business Associates in 2015

The New Year is here. It is time to make those 2015 resolutions, and not just those for getting fit and healthy. Resolve now to improve your organization’s compliance with the Health Insurance Portability and Accountability...more

On The Eighth Day of Privacy, Health Care Systems (Over)Shared Data

When is “sharing” too much of a good thing? And will it get worse for health care systems in 2015? Data sharing has become a point of sharp focus in the efforts to improve the quality and efficiency of health...more

HIPAA Settlement Underscores the Vulnerability of Unpatched and Unsupported Software

The title of this alert, which comes straight from the Department of Health and Human Services Office for Civil Rights' (OCR) announcement of its most recent settlement, again underscores the critical need for covered...more

Cliff Notes from the Joint OCR/NIST HIPAA Security Conference

As a service to our readers, we have distilled last week’s joint HHS Office of Civil Rights (OCR) and National Institute of Standards in Technology (NIST) conference, “Safeguarding Health Information: Building Assurance...more

ACOs And Pay for Value … About the Data

It has been over three years since the Centers for Medicare and Medicaid Services (CMS) announced its proposed rule and guidance on the development and implementation of Accountable Care Organizations. About four million...more

Privacy Wednesday

What’s that old saying … “a day late and a dollar short?” Here is our Privacy Monday roundup … on Wednesday. Office for Civil Rights HIPAA Crackdown? The Office for Civil Rights (OCR) — the enforcement arm of...more

Dealing with a Data Broker? Here's What you Need to Know

The FTC recently released its report, “Data Brokers: A Call for Transparency and Accountability.” The report is the result of a study of nine data brokers and provides legislative recommendations...more

HHS Releases a New Security Risk Assessment Tool

The Department of Health and Human Services (HHS) recently released a new security risk assessment (SRA) tool for small- to medium-sized health care providers. HIPAA requires covered entities to conduct periodic assessments...more

Caution: Failure to Conduct a HIPAA Risk Analysis Endangers Your Meaningful Use Incentive Payments

Providers participating in the Medicare and Medicaid Electronic Health Record ("EHR") incentive programs should be mindful that failure to comply with the requirements of the Health Insurance Portability and Accountability...more

Health Reform + Related Health Policy News

Enrollment in Health Plans under ACA Exceeds Projected Number of 7 Million - The White House announced on April 1 that 7.1 million Americans had enrolled in health plans under the Affordable Care Act ("ACA"). ...more

HHS announces new risk assessment tool for HIPAA security compliance

Recently, the Department of Health and Human Services released an interactive security risk assessment tool intended to assist employers who sponsor self-insured group health plans in complying with their HIPAA security rule...more

OCR Announces the Results from it's Pilot Audit and it's Plans For Next Year

The Office of Civil Rights Audit Pilot Program has come to an end with 115 audits, primarily in person, having been completed. The Pilot Program had multiple revelations in privacy, some of which were probably, not so...more

No More Excuses: HHS Issues New HIPAA Tool for Small Businesses

Three U.S. Department of Health and Human Services (“HHS”) agencies, the Office for the National Coordinator for Health IT (“ONC”), in conjunction with the Office for Civil Rights (“OCR”) and the Office of the General Counsel...more

ONC’s Security Risk Assessment Tool Is Useful but Could Be Improved

The Office of the National Coordinator for Health Information Technology (ONC) released a Security Risk Assessment Tool (SRA Tool) on March 28. According to the User Guide for the SRA Tool, the Tool is designed to help small...more

HHS releases Security Risk Assessment Tool to Help Providers with HIPAA Compliance

In collaboration with the HHS Office for Civil Rights, the Office of the National Coordinator for Health Information Technology released a new tool designed to help practices conduct and document a comprehensive assessment to...more

HIPAA Security Risk Assessment Tool Released by HHS

HIPAA security risk assessment (SRA) tool was recently made available through HHS. The tool was developed as a collaborative effort between the HHS Office of the National Coordinator for Health Information Technology (ONC),...more

41 Results
|
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×