Guidance

HHS/OCR guidance on HIPAA regulations

The Rise of Ransomware in Healthcare (Part 2 of 3)

In this second installment of the series, we discuss the impact of ransomware specifically on the healthcare industry. In the 15th annual Ponemon Institute “Cost of a Data Breach Report” published by IBM Security earlier this year, hundreds of breached companies and thousands of individuals were interviewed across 17 different industries and 17 countries/regions. For

The Rise of Ransomware in Healthcare (Part 2 of 3) Read More »

Annual Security/Risk Assessments Critical to HIPAA Compliance

Whether you are audited randomly or as a result of a breach or a complaint, you will be asked to provide evidence of past security/risk assessments and plans/actions for remediating any deficiencies identified in these assessments.  This company’s failure to conduct risk assessments was a key factor in the settlement agreement reached with the Office

Annual Security/Risk Assessments Critical to HIPAA Compliance Read More »

HIPAA Breaches

Think that breaches are rare or are private? Think again. Section 13402(e)(4) of the HITECH Act requires the Secretary of the Department of Health and Human Services (DHHS) Office for Civil Rights (OCR) to post a list of breaches of unsecured protected health information (PHI) affecting 500 individuals or more. There are currently over 400

HIPAA Breaches Read More »